Bug 1065068 - [GSS] (6.2.x) STR-Transform SAML 2.0 Sender Vouches for IssuedToken in WS-Policy doesn't work
Summary: [GSS] (6.2.x) STR-Transform SAML 2.0 Sender Vouches for IssuedToken in WS-Pol...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web Services
Version: 6.2.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR2
: EAP 6.2.2
Assignee: Alessio Soldano
QA Contact: Rostislav Svoboda
Russell Dickenson
URL:
Whiteboard:
Depends On:
Blocks: 1040729
TreeView+ depends on / blocked
 
Reported: 2014-02-13 20:14 UTC by Kyle Lape
Modified: 2018-12-04 17:28 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2014-06-02 12:49:39 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Apache JIRA CXF-5503 0 None None None Never

Description Kyle Lape 2014-02-13 20:14:00 UTC 
When an STS issues a SenderVouches SAML 2.0 Assertion, a CXF client does not correctly sign the Assertion via a SecuritTokenReference transform in the service request.
Comment 1 Kyle Lape 2014-02-13 20:15:14 UTC 
This is released in CXF 2.7.10, so it would be included if we upgraded to 2.7.10.
Comment 4 Petr Sakař 2014-03-10 09:41:11 UTC 
The issue is in regards to the WS-Trust functionality provided by CXF, which is considered tech preview in EAP 6.2 and as such is not tested by QE. We verified only that upgraded version of CXF contained in EAP-6.2.2.CP.CR2 did not introduced any regresion
Comment 5 Scott Mumford 2014-03-12 22:39:12 UTC 
Does this issue require an entry in the EAP 6.2.2 Release Notes?

If so, please populate the details in the Doc Text field to allow ECS to begin drafting a note for it.

Note: "$THING was broken and now $THING is fixed" is not a suitable release note draft.
Note You need to log in before you can comment on or make changes to this bug.