cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ethan Wallwork (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-5305) STSClient does not send Renewing element in renewal RequestSecurityToken message
Date Fri, 27 Sep 2013 00:11:03 GMT
Ethan Wallwork created CXF-5305:
-----------------------------------

             Summary: STSClient does not send Renewing element in renewal RequestSecurityToken
message
                 Key: CXF-5305
                 URL: https://issues.apache.org/jira/browse/CXF-5305
             Project: CXF
          Issue Type: Bug
          Components: STS
    Affects Versions: 2.7.7
            Reporter: Ethan Wallwork


STSClient does not add a Renewing element to the RequestSecurityToken message when performing
a renew, regardless of the value of sendRenewing (or allowRenewing or allowRenewingAfterExpiry).

This does not prevent prevent a renewal from being renewed because that is allowed by default,
but it does prevent a renewal from being renewed after expiry (OK=true attribute) when that
option is enabled.

The client is also unable to prevent a renewal from being renewable (using the Allow=false
attribute) however I'm not sure the client would ever attempt that anyway since the same restriction
would be on the originally issued token so you would never get that far.

See AbstractSTSClient#renew(SecurityToken) line 955 which I believe needs code similar to
AbstractSTSClient#issue(String,String,String,String) lines 745-755.


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message