[CXF-3761] STSClient can't process EncryptedKey elements received from an STS - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.3.6, 2.4.2
Fix Version/s: 2.3.7, 2.4.3, 2.5
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

There is a bug in the STSClient when processing a RequestedProofToken received from an STS. This element can contain an EncryptedKey child, but the STSClient searches in the wrong namespace and so never finds the element.

Secondly, the STSClient doesn't support the scenario where a RequestedProofToken contains a ComputedKey, and the associated Entropy element has an EncryptedKey child (instead of a BinarySecret).

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 24/Aug/11 15:09

Updated:: 19/Oct/11 17:30

Resolved:: 24/Aug/11 15:37