Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
Latest Rampart and Wss4j on a windows platform.
Description
the method processIssueResponse throws a trustexception if findIdentifier returns null. This is a problem since SAML Assertions don't has a AssertionID attribute instead of an ID attribute.
One solution could be to look for the assertionID attribute as well. Another could be to ignore the ID if it isn't found.
The example below shows a version of findIdentifier that also works with SAML 1.1 Assetions
private String findIdentifier(OMElement reqAttRef,
OMElement reqUnattRef,
OMElement token) {
String id;
if (reqAttRef != null)
else if (reqUnattRef != null)
{ //then try the unattached ref id = this.getIdFromSTR(reqUnattRef); } else {
//Return wsu:Id of the token element
id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
if ( id == null )
}
return id;
}