xwss
  1. xwss
  2. XWSS-47

Signed SAML 2.0 assertion does not validate against saml-schema-assertion-2.0.xsd when serialized

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: current
    • Fix Version/s: milestone 1
    • Component/s: www
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: All

    • Issuezilla Id:
      47

      Description

      Signed SAML 2.0 assertion does not validate against
      saml-schema-assertion-2.0.xsd when serialized. The signature should be inserted
      after the Issuer element.

      Cause of the problem is the following code:

      http://fisheye5.cenqua.com/browse/xwss/xwss-ri/src/com/sun/xml/wss/saml/assertion/saml20/jaxb20/Assertion.java?r=1.22#l355

      DOMSignContext dsc = new DOMSignContext(privKey, assertionElement);

      This statement should use the three arg constructor to prevent insertion of the
      signature at the end of the assertion:

      DOMSignContext(KeySelector ks, Node parent, Node nextSibling)

        Activity

        Hide
        walco added a comment -

        set correct version

        Show
        walco added a comment - set correct version
        Hide
        kumarjayanti added a comment -

        Started.

        Show
        kumarjayanti added a comment - Started.
        Hide
        sm228678 added a comment -

        fixed !!

        Show
        sm228678 added a comment - fixed !!

          People

          • Assignee:
            xwss-issues
            Reporter:
            walco
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: