Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-3761

STSClient can't process EncryptedKey elements received from an STS

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.3.6, 2.4.2
    • 2.3.7, 2.4.3, 2.5
    • None
    • None
    • Unknown

    Description

      There is a bug in the STSClient when processing a RequestedProofToken received from an STS. This element can contain an EncryptedKey child, but the STSClient searches in the wrong namespace and so never finds the element.

      Secondly, the STSClient doesn't support the scenario where a RequestedProofToken contains a ComputedKey, and the associated Entropy element has an EncryptedKey child (instead of a BinarySecret).

      Attachments

        Activity

          People

            coheigea Colm O hEigeartaigh
            coheigea Colm O hEigeartaigh
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: