Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6537

Missing shibboleth dependency in the wss4j feature

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.1.2
    • 3.1.10
    • OSGi
    • None
    • Unknown

    Description

      In the default constructor of org.apache.cxf.rt.security.saml.xacml2.AbstractXACMLAuthorizingInterceptor

      ......
org.apache.wss4j.common.saml.OpenSAMLUtil.initSamlEngine();

      and the net.shibboleth.utilities.java.support.xml.BasicParserPool class is used in the OpenSAMLUtil.initSamlEngine() (wss4j version 2.1.2)

      the ClassNotFoundException will be thrown when the default constructor of AbstractXACMLAuthorizingIntercept has been invoked.

      It can be fixed by adding 

      <bundle start-level="30" dependency="true">wrap:mvn:net.shibboleth.utilities/java-support/7.1.1</bundle>

      into the wss4j feature in the apache-cxf-3.1.2-features.xml

      Or maybe changes should be made on wss4j-ws-security-common bundle, which make net.shibboleth.utilities.java.support.xml packge not optional.

      Attachments

        Activity

          People

            dkulp Daniel Kulp
            xldai Xilai Dai
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: