You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Andreas Veithen (JIRA)" <ji...@apache.org> on 2015/12/27 10:09:49 UTC
[jira] [Resolved] (RAMPART-387) Rampart reports SAML Token Missing
In Request
[ https://issues.apache.org/jira/browse/RAMPART-387?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andreas Veithen resolved RAMPART-387.
-------------------------------------
Resolution: Fixed
Fix Version/s: 1.7.0
1.6.4
This change was implemented in RAMPART-381.
> Rampart reports SAML Token Missing In Request
> ---------------------------------------------
>
> Key: RAMPART-387
> URL: https://issues.apache.org/jira/browse/RAMPART-387
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.6.2
> Environment: Windows 7 64; Axis2/Rampart deployment in Tomcat
> Reporter: Brian Reinhold
> Labels: newbie
> Fix For: 1.6.4, 1.7.0
>
>
> When sending a message containing a SAML Token generated by Rampart's STS service, the module PolicyBasedResultsValidator.handleSupportingTokens() throws a RampartException with
> message "samlTokenMissing".
> I believe the error is due to only attempting to validate an unsigned token. The token created by the STS service is signed as it must be by WS Security requirements.
> Starting at line 323 one sees:
> else if (token instanceof IssuedToken)
> {
> //TODO is is enough to check for ST_UNSIGNED results ??
> WSSecurityEngineResult samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
> if (samlResult == null)
> {
> throw new RampartException("samlTokenMissing");
> }
> There needs to be a check for ST_SIGNED.
> I do not know how to build the distribution or I would try this myself.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org