ws-dev mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	"David Morris (JIRA)" <j...@apache.org>
Subject	[jira] [Created] (WSS-286) Evidence element not present in SAML AuthzDecisionStatement
Date	Thu, 19 May 2011 12:30:48 GMT
Evidence element not present in SAML AuthzDecisionStatement ----------------------------------------------------------- Key: WSS-286 URL: https://issues.apache.org/jira/browse/WSS-286 Project: WSS4J Issue Type: Bug Components: WSS4J Core, WSS4J Handlers Affects Versions: 1.6 Environment: CXF 2.4.0, WS4J 1.6.0, Windows XP, Apache Tomcat 7.0.5 Reporter: David Morris Assignee: Colm O hEigeartaigh Fix For: 1.6.1 Running SOAPUI test, the SAML AuthzDecisionStatement evidence element is not present. The code worked with openSAML2.0 and CXF 2.3.x (via interceptors) before SAMLCallBackHandler in CXF 2.4.0. Resolved issue below example. Example: <saml2:AuthzDecisionStatement> <saml2:Action.../> <saml2:Evidence...> <!-this is missing -- > <saml2:Assertion...> </saml2:Evidence> </saml2:AuthzDecisionStatement> //Build Evidence EvidenceBuilder evidenceBuilder = new EvidenceBuilder(); Evidence evidence = evidenceBuilder.buildObject(); //Build assertion for Evidence AssertionBuilder assertionBuilder = new AssertionBuilder(); Assertion assertion = assertionBuilder.buildObject(); assertion.setVersion(SAMLVersion.VERSION_20); ... authDecisionStatementBean.setEvidence(evidence); Resolution updated the createAuthorizationDecisionStatement method in org.apache.ws.security.saml.ext.builder.SAML2ComponentBuilder: /** * Create SAML2 AuthorizationDecisionStatement(s) * * @param decisionData A list of AuthDecisionStatementBean instances * @return SAML2 AuthorizationDecisionStatement(s) */ @SuppressWarnings("unchecked") public static List<AuthzDecisionStatement> createAuthorizationDecisionStatement( List<AuthDecisionStatementBean> decisionData ) { List<AuthzDecisionStatement> authDecisionStatements = new ArrayList(); if (authorizationDecisionStatementBuilder == null) { authorizationDecisionStatementBuilder = (SAMLObjectBuilder<AuthzDecisionStatement>) builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME); } if (decisionData != null && decisionData.size() > 0) { for (AuthDecisionStatementBean decisionStatementBean : decisionData) { AuthzDecisionStatement authDecision = authorizationDecisionStatementBuilder.buildObject(); authDecision.setResource(decisionStatementBean.getResource()); authDecision.setDecision( transformDecisionType(decisionStatementBean.getDecision()) ); for (ActionBean actionBean : decisionStatementBean.getActions()) { Action actionElement = createSamlAction(actionBean); authDecision.getActions().add(actionElement); } //Check for Evidence if (decisionStatementBean.getEvidence()!=null && decisionStatementBean.getEvidence() instanceof Evidence) { authDecision.setEvidence((Evidence)decisionStatementBean.getEvidence()); } authDecisionStatements.add(authDecision); } } return authDecisionStatements; } -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org For additional commands, e-mail: dev-help@ws.apache.org
Mime	Unnamed text/plain (inline, 7-Bit, 3721 bytes)
	View raw message