You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Daniel Kulp (JIRA)" <ji...@apache.org> on 2009/11/06 00:15:32 UTC
[jira] Resolved: (CXF-2524) STSClient requires Lifetime element in
RSTR
[ https://issues.apache.org/jira/browse/CXF-2524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp resolved CXF-2524.
------------------------------
Resolution: Fixed
Fix Version/s: 2.2.5
Assignee: Daniel Kulp
> STSClient requires Lifetime element in RSTR
> -------------------------------------------
>
> Key: CXF-2524
> URL: https://issues.apache.org/jira/browse/CXF-2524
> Project: CXF
> Issue Type: Bug
> Affects Versions: 2.2.4
> Reporter: Oliver Wulff
> Assignee: Daniel Kulp
> Fix For: 2.2.5
>
>
> The STSClient in CXF requires that an STS returns the Lifetime element which is optional as per WS-Trust 1.3 spec:
> [http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html]
> >>>
> 4.4 Returning a Security Token
> ...
> wst:RequestSecurityTokenResponse/wst:Lifetime
> This optional element specifies the lifetime of the issued security token. If omitted the lifetime is unspecified (not necessarily unlimited). It is RECOMMENDED that if a lifetime exists for a token that this element be included in the response.
> >>>
> STSClient.java:
> ...
> while (el != null) {
> String ln = el.getLocalName();
> if (namespace.equals(el.getNamespaceURI())) {
> if ("Lifetime".equals(ln)) {
> lte = el;
> ...
> SecurityToken token = new SecurityToken(id, rstDec, lte);
> ...
> SecurityToken.java:
> ...
> public SecurityToken(String id,
> Element tokenElem,
> Element lifetimeElem) {
> this.id = id;
> this.token = cloneElement(tokenElem);
> this.processLifeTime(lifetimeElem);
> ...
> /**
> * @param lifetimeElem
> * @throws TrustException
> */
> private void processLifeTime(Element lifetimeElem) {
> try {
> DatatypeFactory factory = DatatypeFactory.newInstance();
>
> Element createdElem =
> DOMUtils.getFirstChildWithName(lifetimeElem,
> WSConstants.WSU_NS,
> WSConstants.CREATED_LN);
> this.created = factory.newXMLGregorianCalendar(DOMUtils.getContent(createdElem))
> .toGregorianCalendar();
> Element expiresElem =
> DOMUtils.getFirstChildWithName(lifetimeElem,
> WSConstants.WSU_NS,
> WSConstants.EXPIRES_LN);
> this.expires = factory.newXMLGregorianCalendar(DOMUtils.getContent(expiresElem))
> .toGregorianCalendar();
> } catch (DatatypeConfigurationException e) {
> //shouldn't happen
> If "null" is passed to processLifeTime a NPE occurs. If the CXF internals don't depend on the lifetime the following might fix it already:
> ...
> public SecurityToken(String id,
> Element tokenElem,
> Element lifetimeElem) {
> this.id = id;
> this.token = cloneElement(tokenElem);
> if (lifetimeElem !=null) this.processLifeTime(lifetimeElem);
> ...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.