You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Anubhav Sharma (Created) (JIRA)" <ji...@apache.org> on 2011/10/07 16:23:29 UTC
[jira] [Created] (CXF-3850) SAML and UsernameToken validation
should validate the realm of the incoming token against cached tokens
SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
-------------------------------------------------------------------------------------------------------
Key: CXF-3850
URL: https://issues.apache.org/jira/browse/CXF-3850
Project: CXF
Issue Type: Improvement
Components: Services
Affects Versions: 2.4.2
Reporter: Anubhav Sharma
Fix For: 2.4.3
Attachments: 0001-Added-realm-validation-against-cache.patch
SAML and UsernameToken validation should validate the realm of the incoming token against the realm of the cached token
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (CXF-3850) SAML and UsernameToken validation
should validate the realm of the incoming token against cached tokens
Posted by "Colm O hEigeartaigh (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3850?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13122919#comment-13122919 ]
Colm O hEigeartaigh commented on CXF-3850:
------------------------------------------
Adding the commit log, as I gave the wrong JIRA number:
Author: coheigea
Date: Fri Oct 7 16:07:43 2011
New Revision: 1180086
URL: http://svn.apache.org/viewvc?rev=1180086&view=rev
Log:
[CXF-2850] - SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
- Patch applied, thanks
Added:
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/CacheSAMLRealmCodec.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/STSConstants.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
> SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-3850
> URL: https://issues.apache.org/jira/browse/CXF-3850
> Project: CXF
> Issue Type: Improvement
> Components: Services
> Reporter: Anubhav Sharma
> Assignee: Colm O hEigeartaigh
> Fix For: 2.5
>
> Attachments: 0001-Added-realm-validation-against-cache.patch
>
>
> SAML and UsernameToken validation should validate the realm of the incoming token against the realm of the cached token
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (CXF-3850) SAML and UsernameToken validation
should validate the realm of the incoming token against cached tokens
Posted by "Colm O hEigeartaigh (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3850?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-3850.
--------------------------------------
Resolution: Fixed
> SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-3850
> URL: https://issues.apache.org/jira/browse/CXF-3850
> Project: CXF
> Issue Type: Improvement
> Components: Services
> Reporter: Anubhav Sharma
> Assignee: Colm O hEigeartaigh
> Fix For: 2.5
>
> Attachments: 0001-Added-realm-validation-against-cache.patch
>
>
> SAML and UsernameToken validation should validate the realm of the incoming token against the realm of the cached token
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (CXF-3850) SAML and UsernameToken validation
should validate the realm of the incoming token against cached tokens
Posted by "Colm O hEigeartaigh (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3850?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh reassigned CXF-3850:
----------------------------------------
Assignee: Colm O hEigeartaigh
> SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-3850
> URL: https://issues.apache.org/jira/browse/CXF-3850
> Project: CXF
> Issue Type: Improvement
> Components: Services
> Affects Versions: 2.4.2
> Reporter: Anubhav Sharma
> Assignee: Colm O hEigeartaigh
> Fix For: 2.4.3
>
> Attachments: 0001-Added-realm-validation-against-cache.patch
>
>
> SAML and UsernameToken validation should validate the realm of the incoming token against the realm of the cached token
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CXF-3850) SAML and UsernameToken validation
should validate the realm of the incoming token against cached tokens
Posted by "Colm O hEigeartaigh (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3850?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh updated CXF-3850:
-------------------------------------
Affects Version/s: (was: 2.4.2)
Fix Version/s: (was: 2.4.3)
2.5
> SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-3850
> URL: https://issues.apache.org/jira/browse/CXF-3850
> Project: CXF
> Issue Type: Improvement
> Components: Services
> Reporter: Anubhav Sharma
> Assignee: Colm O hEigeartaigh
> Fix For: 2.5
>
> Attachments: 0001-Added-realm-validation-against-cache.patch
>
>
> SAML and UsernameToken validation should validate the realm of the incoming token against the realm of the cached token
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CXF-3850) SAML and UsernameToken validation
should validate the realm of the incoming token against cached tokens
Posted by "Anubhav Sharma (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3850?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Anubhav Sharma updated CXF-3850:
--------------------------------
Attachment: 0001-Added-realm-validation-against-cache.patch
Attaching a patch for validaion of realms from the cache
> SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-3850
> URL: https://issues.apache.org/jira/browse/CXF-3850
> Project: CXF
> Issue Type: Improvement
> Components: Services
> Affects Versions: 2.4.2
> Reporter: Anubhav Sharma
> Fix For: 2.4.3
>
> Attachments: 0001-Added-realm-validation-against-cache.patch
>
>
> SAML and UsernameToken validation should validate the realm of the incoming token against the realm of the cached token
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira