You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Ethan Wallwork (JIRA)" <ji...@apache.org> on 2013/07/16 23:30:50 UTC

[jira] [Created] (CXF-5133) CXF STS renewed token not itself renewable.

Ethan Wallwork created CXF-5133:
-----------------------------------

             Summary: CXF STS renewed token not itself renewable.
                 Key: CXF-5133
                 URL: https://issues.apache.org/jira/browse/CXF-5133
             Project: CXF
          Issue Type: Bug
          Components: STS
    Affects Versions: 2.7.5
         Environment: Windows XP, Java 1.7
            Reporter: Ethan Wallwork


When renewing a security token (a SAML assertion in my test case) the returned token cannot be renewed again (nor can the original).  This is true even if the <Renewing/> element is present in the renewal RST message.

It seems that the SAMLTokenRenewer class does not put the STSConstants.TOKEN_RENEWING_ALLOW and STSConstants.TOKEN_RENEWING_ALLOW_AFTER_EXPIRY properties on the SecurityTOken placed in the token store, which are required for renewal to later take place.



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira