You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Rasmus Rhein Helwigh (JIRA)" <ji...@apache.org> on 2008/04/21 15:33:22 UTC
[jira] Created: (RAMPART-154)
org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse
fails if SamlAssertion is issued.
org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails if SamlAssertion is issued.
---------------------------------------------------------------------------------------------------------
Key: RAMPART-154
URL: https://issues.apache.org/jira/browse/RAMPART-154
Project: Rampart
Issue Type: Bug
Components: rampart-policy
Environment: Latest Rampart and Wss4j on a windows platform.
Reporter: Rasmus Rhein Helwigh
Assignee: Ruchith Udayanga Fernando
the method processIssueResponse throws a trustexception if findIdentifier returns null. This is a problem since SAML Assertions don't has a AssertionID attribute instead of an ID attribute.
One solution could be to look for the assertionID attribute as well. Another could be to ignore the ID if it isn't found.
The example below shows a version of findIdentifier that also works with SAML 1.1 Assetions
private String findIdentifier(OMElement reqAttRef,
OMElement reqUnattRef,
OMElement token) {
String id;
if (reqAttRef != null) {
//First try the attached ref
id = this.getIdFromSTR(reqAttRef);
} else if (reqUnattRef != null) {
//then try the unattached ref
id = this.getIdFromSTR(reqUnattRef);
} else {
//Return wsu:Id of the token element
id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
if ( id == null )
{
id = token.getAttributeValue(new QName( "AssertionID"));
}
}
return id;
}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-154)
org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse
fails if SamlAssertion is issued.
Posted by "Rasmus Rhein Helwigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rasmus Rhein Helwigh updated RAMPART-154:
-----------------------------------------
Attachment: patch.txt
I've attatched the patch. I don't know if it's in the correct format. Please let med know if there's any problems.
> org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails if SamlAssertion is issued.
> ---------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-154
> URL: https://issues.apache.org/jira/browse/RAMPART-154
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Environment: Latest Rampart and Wss4j on a windows platform.
> Reporter: Rasmus Rhein Helwigh
> Assignee: Ruchith Udayanga Fernando
> Attachments: patch.txt
>
>
> the method processIssueResponse throws a trustexception if findIdentifier returns null. This is a problem since SAML Assertions don't has a AssertionID attribute instead of an ID attribute.
> One solution could be to look for the assertionID attribute as well. Another could be to ignore the ID if it isn't found.
> The example below shows a version of findIdentifier that also works with SAML 1.1 Assetions
> private String findIdentifier(OMElement reqAttRef,
> OMElement reqUnattRef,
> OMElement token) {
> String id;
> if (reqAttRef != null) {
> //First try the attached ref
> id = this.getIdFromSTR(reqAttRef);
> } else if (reqUnattRef != null) {
> //then try the unattached ref
> id = this.getIdFromSTR(reqUnattRef);
> } else {
> //Return wsu:Id of the token element
> id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
> if ( id == null )
> {
> id = token.getAttributeValue(new QName( "AssertionID"));
> }
> }
>
> return id;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-154)
org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse
fails if SamlAssertion is issued.
Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-154?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12591277#action_12591277 ]
Nandana Mihindukulasooriya commented on RAMPART-154:
----------------------------------------------------
Hi Rasmus,
Can you create a patch and apply it to the JIRA ?
> org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails if SamlAssertion is issued.
> ---------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-154
> URL: https://issues.apache.org/jira/browse/RAMPART-154
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Environment: Latest Rampart and Wss4j on a windows platform.
> Reporter: Rasmus Rhein Helwigh
> Assignee: Ruchith Udayanga Fernando
>
> the method processIssueResponse throws a trustexception if findIdentifier returns null. This is a problem since SAML Assertions don't has a AssertionID attribute instead of an ID attribute.
> One solution could be to look for the assertionID attribute as well. Another could be to ignore the ID if it isn't found.
> The example below shows a version of findIdentifier that also works with SAML 1.1 Assetions
> private String findIdentifier(OMElement reqAttRef,
> OMElement reqUnattRef,
> OMElement token) {
> String id;
> if (reqAttRef != null) {
> //First try the attached ref
> id = this.getIdFromSTR(reqAttRef);
> } else if (reqUnattRef != null) {
> //then try the unattached ref
> id = this.getIdFromSTR(reqUnattRef);
> } else {
> //Return wsu:Id of the token element
> id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
> if ( id == null )
> {
> id = token.getAttributeValue(new QName( "AssertionID"));
> }
> }
>
> return id;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.