[ https://issues.apache.org/jira/browse/RAMPART-156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12598244#action_12598244 ]

Rasmus Rhein Helwigh commented on RAMPART-156:
----------------------------------------------

The problem is that WCF's implementation of SAML Security Token only sets 
these dates on the SAML 1.1 assertion, and as far as I can see it is not 
possible to set the elements on the RSTR.

A solution to the problem could be to detect that the token contains a SAML 
assertion, and then retrieve the ValidFrom / ValidTo from within this 
assertion? I can make a new patch with this fix if you like.


Note: There are a number of other issues that show up when using the SAML 1.1 
Assertions. Right now I have a modified version of Rampart and WSS4J that works 
with SAML and WCF, but I don't know if it will break other features.



> org.apache.rahas.Token constructor expects lifetimeelement to be present, but 
> the element is optional according to the standard.
> --------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-156
>                 URL: https://issues.apache.org/jira/browse/RAMPART-156
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-trust
>         Environment: Latest trunk of rampart  + wss4j on windows xp.
>            Reporter: Rasmus Rhein Helwigh
>            Assignee: Nandana Mihindukulasooriya
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> The org.apache.rahas.client.STSClient.processIssueResponse class tries to 
> create a Token object with lifetime object as an argument. This lifetime 
> object is optional, but the Token constructor fails if it's null.
> Since SAML1.1 has its own lifetime element built into the assertion, it 
> doesn't need to use the Token lifetime element, so it would be nice if this 
> element could be optional.
> Index: 
> C:/src/Main/java/Rampart-svn/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java
> ===================================================================
> --- 
> C:/src/Main/java/Rampart-svn/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java
>       (revision 650441)
> +++ 
> C:/src/Main/java/Rampart-svn/modules/rampart-trust/src/main/java/org/apache/rahas/Token.java
>       (working copy)
> @@ -151,7 +151,8 @@
>                  tokenElem.getXMLStreamReader());
>          stAXOMBuilder.setNamespaceURIInterning(true);
>          this.token = stAXOMBuilder.getDocumentElement();
> -        this.processLifeTime(lifetimeElem);
> +        if ( lifetimeElem != null )
> +             this.processLifeTime(lifetimeElem);
>      }
>      
>      /**
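
Review bot: the new `if ( lifetimeElem != null )` guard skips `processLifeTime` silently, so a token constructed without a lifetime element keeps whatever default its lifetime fields have, and nothing in the hunk says how later expiry checks should treat that. Either populate the validity from the token itself in the null case (for SAML 1.1, the validity carried inside the assertion, as proposed in the comment above), or state in the constructor Javadoc that `lifetimeElem` may be null and that the token then carries no expiry. Style: put braces around the single statement, and indent the body by the same 4-space step the context lines use rather than 5.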

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
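
The fallback proposed in the comment, as an added example (not Rampart's code or the reporter's patch): take validity from `wst:Lifetime` when it is present, otherwise from the `Conditions` attributes of the SAML 1.1 assertion. The class and method names are hypothetical, it uses JDK DOM rather than Axiom, and rejecting a token with no expiry is this example's assumption.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.time.OffsetDateTime;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
// Hypothetical helper, not Rampart code: plain JDK DOM instead of Axiom.
public class TokenLifetimeFallback {
    static final String WSU =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    static final String SAML11 = "urn:oasis:names:tc:SAML:1.0:assertion";

    /** Returns {validFrom, validTo}; validFrom may be null, validTo never is. */
    static Instant[] resolve(Element lifetimeElem, Element tokenElem) {
        String from = null, to = null;
        if (lifetimeElem != null) {                 // RSTR carried a lifetime element
            from = childText(lifetimeElem, "Created");
            to = childText(lifetimeElem, "Expires");
        } else {                                    // fall back to saml:Conditions
            NodeList c = tokenElem.getElementsByTagNameNS(SAML11, "Conditions");
            if (c.getLength() > 0) {
                Element cond = (Element) c.item(0);
                from = cond.hasAttribute("NotBefore") ? cond.getAttribute("NotBefore") : null;
                to = cond.hasAttribute("NotOnOrAfter") ? cond.getAttribute("NotOnOrAfter") : null;
            }
        }
        // Assumption of this example: fail closed rather than keep an unbounded token.
        if (to == null) throw new IllegalArgumentException("token has no expiry");
        return new Instant[] { from == null ? null : parse(from), parse(to) };
    }

    static String childText(Element parent, String local) {
        NodeList n = parent.getElementsByTagNameNS(WSU, local);
        return n.getLength() == 0 ? null : n.item(0).getTextContent().trim();
    }
    static Instant parse(String xsDateTime) { return OffsetDateTime.parse(xsDateTime).toInstant(); }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a SAML 1.1 assertion returned with no lifetime element beside it.
        String xml = "<saml:Assertion xmlns:saml='" + SAML11 + "'><saml:Conditions"
            + " NotBefore='2008-05-20T10:00:00Z' NotOnOrAfter='2008-05-20T11:00:00Z'/></saml:Assertion>";
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);                  // needed for getElementsByTagNameNS
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTDs
        Element token = f.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8))).getDocumentElement();
        Instant[] v = resolve(null, token);
        System.out.println(v[0] + " .. " + v[1]);
    }
}
```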
