[jira] [Commented] (RAMPART-362) Inter-operable issue with verifying signature and decrypting message with KeyInfo element when SAML token is used as protected token with WCF client

Wed, 06 Nov 2024 07:26:26 -0800 


    [ 
https://issues.apache.org/jira/browse/RAMPART-362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17896006#comment-17896006
 ] 

Robert Lazarski commented on RAMPART-362:
-----------------------------------------

I reviewed these patches and one of them changes WSS4J - but that project has 
drastically changed since then and a lot of the patch won't apply anymore. 

I tried to understand it to apply what I could. However, I can't find 
WSConstants.SAML_ASSERTION_IDENTIFIER in any history of WSS4J and I am confused 
by it. 

I need help understanding this more, so I am moving this issue to 2.0.0 and if 
no one responds after all this time I may mark it as incomplete. Unfortunately, 
these patches didn't get reviewed for too long. 

> Inter-operable issue with verifying signature and decrypting message with 
> KeyInfo element when SAML token is used as protected token with WCF client 
> -----------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-362
>                 URL: https://issues.apache.org/jira/browse/RAMPART-362
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>    Affects Versions: 1.6.0
>            Reporter: asela pathberiya
>            Assignee: Robert Lazarski
>            Priority: Major
>             Fix For: 1.8.0
>
>         Attachments: saml-wcf-rampart.patch, saml-wcf-wss4j.patch
>
>
> Following error is generated in WCF client side  when verifying signature in 
> response message.  Fix for this issue may be in rampart and also in wss4j 
> source.  
> Unhandled Exception: System.ServiceModel.Security.MessageSecurityException: 
> Cannot resolve KeyInfo for verifying signature: KeyInfo 'SecurityKeyIdentifier
>     (
>     IsReadOnly = False,
>     Count = 1,
>     Clause[0] = LocalIdKeyIdentifierClause(LocalId = 
> '_726a85456101f8593e525eef434eec24', Owner = '')
>     )
> ', available tokens 'SecurityTokenResolver
>     (
>     TokenCount = 1, 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org

Reply via email to