axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nandana Mihindukulasooriya <nandana....@gmail.com>
Subject Re: Misunderstanding in rampart processIssueResponse
Date Wed, 28 Jan 2009 15:06:42 GMT
Hi Massimiliano,

On Wed, Jan 28, 2009 at 7:58 PM, Massimiliano Masi <masi@math.unifi.it>wrote:

> Hello,
>
> I'm posting here since the rampart's mailing list seems to be dead.
> Is it dead? Is rampart still alive?
>

No, But during certain times developers are busy with other projects and you
might not get an answer to some of your mails. Still we try to answer most
of the questions during our free time.

in STSClient you have the method:
>
>  private Token processIssueResponse(int version, OMElement result,
>           String issuerAddress) throws TrustException {
>       OMElement rstr = result;
>       if (version == RahasConstants.VERSION_05_12) {
>           //The WS-SX result will be an RSTRCi
>           rstr = result.getFirstElement();
>       }
>
> The rstr is always the first element, but for WST1.3 is not
> mandatory at all.
>
> This makes the stsclient unable to get the securitytoken
> from a message like:
>
> <wst:RequestSecurityTokenResponse xmlns:wst="
> http://docs.oasis-open.org/ws-sx/ws-trust/200512">
>
> <wst:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</wst:TokenType>
>           <wst:RequestedAttachedReference>
>              <wsse:SecurityTokenReference xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
>                 <wsse:Reference URI="#_5d26046afa8e38339caa4e1c53735d4d"
> ValueType="urn:oasis:names:tc:SAML:2.0:assertion" />
>              </wsse:SecurityTokenReference>
> ...
>  <wst:RequestedSecurityToken>
>              <saml:Assertion
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
> ID="_5d26046afa8e38339caa4e1c53735d4d"
> IssueInstant="2009-01-13T17:06:00.597Z" Version="2.0">
>                 <saml:Issuer Form....


Yes, this seems a bug. Can you raise a JIRA and even better if you can
attach a patch too.

thanks,
nandana

-- 
Nandana Mihindukulasooriya
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org

Mime
View raw message