cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ethan Wallwork (JIRA)" <>
Subject [jira] [Created] (CXF-5133) CXF STS renewed token not itself renewable.
Date Tue, 16 Jul 2013 21:30:50 GMT
Ethan Wallwork created CXF-5133:

             Summary: CXF STS renewed token not itself renewable.
                 Key: CXF-5133
             Project: CXF
          Issue Type: Bug
          Components: STS
    Affects Versions: 2.7.5
         Environment: Windows XP, Java 1.7
            Reporter: Ethan Wallwork

When renewing a security token (a SAML assertion in my test case) the returned token cannot
be renewed again (nor can the original).  This is true even if the <Renewing/> element
is present in the renewal RST message.

It seems that the SAMLTokenRenewer class does not put the STSConstants.TOKEN_RENEWING_ALLOW
and STSConstants.TOKEN_RENEWING_ALLOW_AFTER_EXPIRY properties on the SecurityTOken placed
in the token store, which are required for renewal to later take place.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message