You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2014/01/14 14:07:51 UTC
[jira] [Created] (WSS-490) Derived Endorsing policy validation
error
Colm O hEigeartaigh created WSS-490:
---------------------------------------
Summary: Derived Endorsing policy validation error
Key: WSS-490
URL: https://issues.apache.org/jira/browse/WSS-490
Project: WSS4J
Issue Type: Bug
Reporter: Colm O hEigeartaigh
Assignee: Marc Giger
Fix For: 2.0.0
There is a bug in the streaming policy validation code with derived endorsing tokens. The use-case is an Issued (SAML) token which is an Endorsing (Encrypted) token, with derived keys.
It appears that the "signsElement" method in the InboundWSSecurityContextImpl is matching the token Id of the Derived token, instead of the (deriving) SAML Token. Hence the SAML Token is never assigned the "usage" of Endorsing.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org