You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2014/01/14 14:07:51 UTC

[jira] [Created] (WSS-490) Derived Endorsing policy validation error

Colm O hEigeartaigh created WSS-490:
---------------------------------------

             Summary: Derived Endorsing policy validation error
                 Key: WSS-490
                 URL: https://issues.apache.org/jira/browse/WSS-490
             Project: WSS4J
          Issue Type: Bug
            Reporter: Colm O hEigeartaigh
            Assignee: Marc Giger
             Fix For: 2.0.0



There is a bug in the streaming policy validation code with derived endorsing tokens. The use-case is an Issued (SAML) token which is an Endorsing (Encrypted) token, with derived keys. 

It appears that the "signsElement" method in the InboundWSSecurityContextImpl is matching the token Id of the Derived token, instead of the (deriving) SAML Token. Hence the SAML Token is never assigned the "usage" of Endorsing.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org