[CXF-5098] References to Kerberos Tokens are not created correctly in responses - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.6.9, 2.7.6
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

When a service secured with a KerberosToken policy assertion responds to the client, it is incorrectly using a wsse:Reference to the original BinarySecurityToken in some cases. Instead it should be using a KeyIdentifier with the SHA-1 of the AP-REQ bytes.

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 27/Jun/13 14:08

Updated:: 14/Aug/13 15:49

Resolved:: 27/Jun/13 14:40