cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (CXF-7013) SAML token using ws-security.callback-handler as for UT with ID attribute value
Date Wed, 24 Aug 2016 11:47:20 GMT

     [ https://issues.apache.org/jira/browse/CXF-7013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh reassigned CXF-7013:
----------------------------------------

    Assignee: Colm O hEigeartaigh

> SAML token using ws-security.callback-handler as for UT with ID attribute value
> -------------------------------------------------------------------------------
>
>                 Key: CXF-7013
>                 URL: https://issues.apache.org/jira/browse/CXF-7013
>             Project: CXF
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 3.0.6
>            Reporter: Grzegorz Maczuga
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>
> Processing of SAML token results in call of configured ws-security.callback-handler same
as for Username Token.
> When CXF receives (no UT in it):
>    <wss:Security>
>       <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="Abc-1"
IssueInstant="2016-08-16T08:13:47Z" Version="2.0">
>         <saml:Issuer Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=user</saml:Issuer>
>         <saml:Subject>
>           <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">some_name</saml:NameID>
>        ...         
>      </wss:Security>
> it calls configured:
>         ws-security.callback-handler=com.SecurityCallback
> with ID="Abc-1" from above Security section as username.
> Ignoring this and moving on has no impact on processing SAML token but if SecurityCallback
does some funny stuff (or at list logging) for each received UT it is really confusing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message