You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Massimiliano Masi <ma...@math.unifi.it> on 2009/01/13 18:10:24 UTC
Misunderstanding on processIssueResponse in stsClient
Hi,
in STSClient you have the method:
private Token processIssueResponse(int version, OMElement result,
String issuerAddress) throws TrustException {
OMElement rstr = result;
if (version == RahasConstants.VERSION_05_12) {
//The WS-SX result will be an RSTRC
rstr = result.getFirstElement();
}
The rstr is always the first element, but for WST1.3 is not
mandatory at all.
This makes the stsclient unable to get the securitytoken
from a message like:
<wst:RequestSecurityTokenResponse
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<wst:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</wst:TokenType>
<wst:RequestedAttachedReference>
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference
URI="#_5d26046afa8e38339caa4e1c53735d4d"
ValueType="urn:oasis:names:tc:SAML:2.0:assertion" />
</wsse:SecurityTokenReference>
...
<wst:RequestedSecurityToken>
<saml:Assertion
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_5d26046afa8e38339caa4e1c53735d4d"
IssueInstant="2009-01-13T17:06:00.597Z" Version="2.0">
<saml:Issuer Form....
That is valid.
Am I wrong?
Thanks
Massimiliano
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.