[CXF-5424] JAX-RS Security Code can not validate signed SAML2 bearer assertions without KeyInfo - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.0-milestone2
Component/s: JAX-RS Security
Labels:
None

Estimated Complexity:
Unknown

Description

Signed SAML2 Bearer assertions may not always have XML Signature KeyInfo elements available. The JAX-RS security code fails to validate such assertions but it should be able to optionally validate them without KeyInfo

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Sergey Beryozkin

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 27/Nov/13 11:11

Updated:: 05/Sep/16 10:48

Resolved:: 23/Dec/13 17:49