cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Misa <>
Subject CXF SecureConversationTest - Fails to renew SCT, no examples or tests.
Date Mon, 07 Jul 2014 22:53:17 GMT
I'm struggling to get a client to renew SCT in a (SAML1.1 + SCT) scenario.
Very little documentation or test examples on this.

Using the current CXF trunk codebase - I've modified some tests to
delay/expire security token between calls.

This test seems to work - but I'm unclear - by the comment: 
>> The service endpoint must contact the STS to validate the received SCT

This test, however, fails - in a very similar fashion - to my more
complicated (SAML1.1 + SCT) case:

I've modified the test:
    public void testSecureConversation() throws Exception {
        delay(5); //delay 5 minutes

Seems SCT are not being renewed correctly ?

* Shouldn't the above test - renew SCT if tokens expired between calls ?
* Are there any tests or documentation on SCT renewal  in a (SAML1.1 + SCT)
scenario ?

Hope to hear from someone.


View this message in context:
Sent from the cxf-dev mailing list archive at

View raw message