[
https://issues.apache.org/jira/browse/CXF-5424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergey Beryozkin resolved CXF-5424.
-----------------------------------
Resolution: Fixed
Fix Version/s: 2.7.9
3.0.0-milestone2
RACS needs to have its 'keyInfoMustBeAvailable' property set to false. The
KeyInfo will still be preferred if it is available but if it is not and the
property allows for it, then the default alias will be used to load the
certificate
> JAX-RS Security Code can not validate signed SAML2 bearer assertions without
> KeyInfo
> ------------------------------------------------------------------------------------
>
> Key: CXF-5424
> URL: https://issues.apache.org/jira/browse/CXF-5424
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Reporter: Sergey Beryozkin
> Fix For: 3.0.0-milestone2, 2.7.9
>
>
> Signed SAML2 Bearer assertions may not always have XML Signature KeyInfo
> elements available. The JAX-RS security code fails to validate such
> assertions but it should be able to *optionally* validate them without
> KeyInfo
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
