Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6233

STS client only sends AppliesTo on first RST call

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.3
    • Fix Version/s: 3.0.4
    • Component/s: STS
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      The RST call from STS client (STSClient.requestSecurityToken(...)) only sends the AppliesTo element first time the call is done. On subsequent calls it is omitted.

      Apparently this happens because the IssuedTokenInterceptorProvider sets the STSClient's addressingNamespace field to null in a finally block of the issueToken(...) method (org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider line 544). The STSClient requires this field to be non-null to set the element.

      A workaround is to enable the «addressing» feature on the CXF bus. This makes sure that an AddressingProperties is available on the message context, whic STS client uses as an alternative way to get the addressingNamespace property:

          <cxf:bus>
              <cxf:features>
                  <wsa:addressing allowDuplicates="false" xmlns:wsa="http://cxf.apache.org/ws/addressing"/>
              </cxf:features>
          </cxf:bus>
      

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              thxmasj Thomas Johansen
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: