axis-java-dev mailing list archives

From "Sagara Gunathunga (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (RAMPART-387) Rampart reports SAML Token Missing In Request
Date Tue, 04 Dec 2012 07:33:58 GMT

     [ https://issues.apache.org/jira/browse/RAMPART-387?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sagara Gunathunga  updated RAMPART-387:
---------------------------------------

    Fix Version/s:     (was: 1.6.2)
                   1.6.3
    
> Rampart reports SAML Token Missing In Request
> ---------------------------------------------
>
>                 Key: RAMPART-387
>                 URL: https://issues.apache.org/jira/browse/RAMPART-387
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>    Affects Versions: 1.6.2
>         Environment: Windows 7 64; Axis2/Rampart deployment in Tomcat
>            Reporter: Brian Reinhold
>              Labels: newbie
>             Fix For: 1.6.3
>
>
> When sending a message containing a SAML Token generated by Rampart's STS service, the module PolicyBasedResultsValidator.handleSupportingTokens() throws a RampartException with message "samlTokenMissing".
> I believe the error is due to only attempting to validate an unsigned token. The token created by the STS service is signed as it must be by WS Security requirements.
> Starting at line 323 one sees:
>             else if (token instanceof IssuedToken)
>             {
>                 //TODO is is enough to check for ST_UNSIGNED results ??
>                 WSSecurityEngineResult samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
>                 if (samlResult == null)
>                 {
>                     throw new RampartException("samlTokenMissing");
>                 }
> There needs to be a check for ST_SIGNED.
> I do not know how to build the distribution or I would try this myself.

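The lookup the report asks for, as an added example that is not Rampart's code or its eventual fix: it accepts a SAML result recorded under the signed action and falls back to the unsigned lookup shown in the quoted snippet. The `Result` class, the local `fetchActionResult` helper, the numeric action codes and the use of `IllegalStateException` in place of `RampartException` are stand-ins assumed here so the block runs without WSS4J on the classpath.

```java
import java.util.Arrays;
import java.util.List;

public class SamlResultLookup {
    // Stand-in action codes (constructed values, not copied from WSS4J's WSConstants).
    static final int SIGN = 0x2;
    static final int ST_UNSIGNED = 0x8;
    static final int ST_SIGNED = 0x10;

    // Hypothetical minimal stand-in for WSSecurityEngineResult.
    static final class Result {
        final int action;
        Result(int action) { this.action = action; }
    }

    // Plays the role of WSSecurityUtil.fetchActionResult: first result with the given action, or null.
    static Result fetchActionResult(List<Result> results, int action) {
        for (Result r : results) {
            if (r.action == action) {
                return r;
            }
        }
        return null;
    }

    // Look for a signed SAML result first, then fall back to the unsigned lookup from the quoted code.
    static Result findSamlResult(List<Result> results) {
        Result saml = fetchActionResult(results, ST_SIGNED);
        if (saml == null) {
            saml = fetchActionResult(results, ST_UNSIGNED);
        }
        if (saml == null) {
            // Stand-in for: throw new RampartException("samlTokenMissing");
            throw new IllegalStateException("samlTokenMissing");
        }
        return saml;
    }

    public static void main(String[] args) {
        // Constructed sample: results for a message carrying a signed, STS-issued token.
        List<Result> signedOnly = Arrays.asList(new Result(SIGN), new Result(ST_SIGNED));
        // The quoted check only searches for ST_UNSIGNED, which is absent from this list.
        System.out.println("unsigned-only lookup found: " + (fetchActionResult(signedOnly, ST_UNSIGNED) != null));
        System.out.println("combined lookup found signed: " + (findSamlResult(signedOnly).action == ST_SIGNED));
        // Constructed sample: no SAML result at all must still be rejected.
        try {
            findSamlResult(Arrays.asList(new Result(SIGN)));
        } catch (IllegalStateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```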


Mime
View raw message