[
https://issues.apache.org/jira/browse/RAMPART-154?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12591277#action_12591277
]
Nandana Mihindukulasooriya commented on RAMPART-154:
----------------------------------------------------
Hi Rasmus,
Can you create a patch and apply it to the JIRA ?
> org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails
> if SamlAssertion is issued.
> ---------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-154
> URL: https://issues.apache.org/jira/browse/RAMPART-154
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Environment: Latest Rampart and Wss4j on a windows platform.
> Reporter: Rasmus Rhein Helwigh
> Assignee: Ruchith Udayanga Fernando
>
> the method processIssueResponse throws a trustexception if findIdentifier
> returns null. This is a problem since SAML Assertions don't has a AssertionID
> attribute instead of an ID attribute.
> One solution could be to look for the assertionID attribute as well. Another
> could be to ignore the ID if it isn't found.
> The example below shows a version of findIdentifier that also works with SAML
> 1.1 Assetions
> private String findIdentifier(OMElement reqAttRef,
> OMElement reqUnattRef,
> OMElement token) {
> String id;
> if (reqAttRef != null) {
> //First try the attached ref
> id = this.getIdFromSTR(reqAttRef);
> } else if (reqUnattRef != null) {
> //then try the unattached ref
> id = this.getIdFromSTR(reqUnattRef);
> } else {
> //Return wsu:Id of the token element
> id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
> if ( id == null )
> {
> id = token.getAttributeValue(new QName( "AssertionID"));
> }
> }
>
> return id;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
