Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.4
    • Fix Version/s: 1.5.1
    • Component/s: None
    • Labels:
      None
    • Environment:
      Win XP Professional, Axis2 1.4, Rampart 1.4

      Description

      In SAML token scenario the 'NameIdentifier' tag in the saml assertion has an attribute 'Format' which has a wrong value. Currently it is:
      <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">CN=client</NameIdentifier>
      Since 'NameIdentifier' contains the value of the SubjectName from the X509 certificate, the correct form should be:
      <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=client</NameIdentifier>

      For more information see SAML 1.1 specifications paragraph 7.3. It can be found here: http://www.oasis-open.org/committees/download.php/3406/oasis-sstc-saml-core-1.1.pdf

      1. RAMPART-180.patch
        0.8 kB
        Thilina Buddhika

        Activity

        Hide
        Nandana Mihindukulasooriya added a comment -

        Thanks Emil, will look in to this.

        Show
        Nandana Mihindukulasooriya added a comment - Thanks Emil, will look in to this.
        Hide
        Thilina Buddhika added a comment -

        The patch attached herewith fixes this issue.

        Show
        Thilina Buddhika added a comment - The patch attached herewith fixes this issue.
        Hide
        Samisa Abeysinghe added a comment -

        Applied the patch : At revision: 1051526

        Show
        Samisa Abeysinghe added a comment - Applied the patch : At revision: 1051526

          People

          • Assignee:
            Nandana Mihindukulasooriya
            Reporter:
            Emil Pavlov
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development