Bug 1155870 - [GSS] (6.3.z) Cannot resolve WSS signature reference URI that points to AssertionID attribute of SAML 1.1 token
Summary: [GSS] (6.3.z) Cannot resolve WSS signature reference URI that points to Asser...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web Services
Version: 6.3.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR1
: EAP 6.3.3
Assignee: baranowb
QA Contact: Rostislav Svoboda
URL:
Whiteboard:
Depends On: 1155859
Blocks: eap633-payload 1155872 1172035
TreeView+ depends on / blocked
 
Reported: 2014-10-23 04:10 UTC by Kyle Lape
Modified: 2019-08-19 12:39 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 1155859
: 1155872 (view as bug list)
Environment:
Last Closed: 2019-08-19 12:39:28 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Apache JIRA WSS-517 0 None None None Never

Description Kyle Lape 2014-10-23 04:10:07 UTC 
[Copied from Jira WSS-517]

When a SAML 1.1 token is referenced by an XML Signature reference URI in the SOAP message, WSS4J cannot find the assertion element. It looks like WSSecurityUtil.findSAMLAssertionElementById doesn't remove the hash symbol (#) before searching.

--- Additional comment from Kyle Lape on 2014-10-23 00:09:11 EDT ---

Commit can be seen here: https://github.com/apache/wss4j/commit/fec38d39c4c4980f119bb3d23bf034a47939ced3

No upstream release yet
Comment 8 baranowb 2014-12-09 08:33:20 UTC 
Tag is up: https://github.com/jbossas/redhat-wss4j/commits/wss4j-1.6.17.SP1
Comment 11 Rostislav Svoboda 2015-01-19 12:28:49 UTC 
Verified on EAP 6.3.3 CR.

commit https://github.com/apache/wss4j/commit/fec38d39c4c4980f119bb3d23bf034a47939ced3 is present in decompiled code
Note You need to log in before you can comment on or make changes to this bug.