Bug 1084600 - [GSS] (6.2.x) Backport PLINK-396
Summary: [GSS] (6.2.x) Backport PLINK-396
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: PicketLink
Version: 6.2.1
Hardware: Unspecified
OS: Unspecified
Target Milestone: CR2
: EAP 6.2.3
Assignee: Peter Skopek
QA Contact: Josef Cacek
Nichola Moore
Depends On: 1084596
Blocks: eap62-cp03-blockers 1084584
TreeView+ depends on / blocked
Reported: 2014-04-04 19:24 UTC by Derek Horton
Modified: 2018-12-05 18:02 UTC (History)
4 users (show)

In previous verions of JBoss Enterprise Application Platform 6, it was found that PicketLink's `IDPWebBrowserSSOValve` and `IDPFilter` were decoding the relaystate, which was contrary to the SAML specification. This has been addressed in this release of the product.
Clone Of: 1084595
Last Closed: 2014-06-09 12:46:56 UTC

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker PLINK-396 Major Closed IDPWebBrowserSSOValve and IDPFilter are decoding the relaystate 2016-07-01 06:25 UTC

Description Derek Horton 2014-04-04 19:24:16 UTC
Backport PLINK-396

Comment 1 baranowb 2014-04-11 06:46:09 UTC
Assigning to pskopek since he pleaded to PL issues for EAP6

Comment 2 Derek Horton 2014-04-16 18:14:16 UTC
Committed to the prod-eap6.2.3 branch

Comment 3 Ondrej Lukas 2014-05-07 08:54:51 UTC
Verified in EAP 6.2.3.CR2.

Comment 4 Nichola Moore 2014-05-08 06:05:08 UTC
Please add Docs text. Thank you.

Comment 5 Scott Mumford 2014-05-22 01:06:56 UTC
Supplied Release Notes text from 6.3 stream version of this bug. Marking for inclusion in 6.2.3 document and removing NEEDINFO

Note You need to log in before you can comment on or make changes to this bug.