cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Misa <frankm...@hotmail.com>
Subject CXF SecureConversationTest - Fails to renew SCT, no examples or tests.
Date Mon, 07 Jul 2014 22:53:17 GMT
Hi,
I'm struggling to get a client to renew SCT in a (SAML1.1 + SCT) scenario.
Very little documentation or test examples on this.

Using the current CXF trunk codebase - I've modified some tests to
delay/expire security token between calls.

This test seems to work - but I'm unclear - by the comment: 
>> The service endpoint must contact the STS to validate the received SCT
org.apache.cxf.systest.sts.secure_conv.SecureConversationTest

This test, however, fails - in a very similar fashion - to my more
complicated (SAML1.1 + SCT) case:
org.apache.cxf.systest.wssec.examples.secconv.SecureConversationTest

I've modified the test:
    @org.junit.Test
    public void testSecureConversation() throws Exception {
...
        samlPort.doubleIt(25);
        
        delay(5); //delay 5 minutes
        
        samlPort.doubleIt(50);   
...
}

Seems SCT are not being renewed correctly ?

Question:
* Shouldn't the above test - renew SCT if tokens expired between calls ?
* Are there any tests or documentation on SCT renewal  in a (SAML1.1 + SCT)
scenario ?

Hope to hear from someone.

Thanks
Frank



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-SecureConversationTest-Fails-to-renew-SCT-no-examples-or-tests-tp5746139.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Mime
View raw message