[RAMPART-180] Wrong NameIdentifier format - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.4
Fix Version/s: 1.5.1
Component/s: None
Labels:
None
Environment:
Win XP Professional, Axis2 1.4, Rampart 1.4

Description

In SAML token scenario the 'NameIdentifier' tag in the saml assertion has an attribute 'Format' which has a wrong value. Currently it is:
<NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">CN=client</NameIdentifier>
Since 'NameIdentifier' contains the value of the SubjectName from the X509 certificate, the correct form should be:
<NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=client</NameIdentifier>

For more information see SAML 1.1 specifications paragraph 7.3. It can be found here: http://www.oasis-open.org/committees/download.php/3406/oasis-sstc-saml-core-1.1.pdf

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

RAMPART-180.patch
21/Dec/10 14:30
0.8 kB
Thilina Mahesh Buddhika

Activity

People

Assignee:: Nandana Mihindukulasooriya

Reporter:: Emil Pavlov

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 03/Jul/08 08:12

Updated:: 21/Dec/10 15:28

Resolved:: 21/Dec/10 15:28