[CXF-2487] SecureConversationTokenFinderInterceptor stores the wrong token identifier - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.4
Fix Version/s: 2.2.5, 2.3
Component/s: WS-* Components
Labels:
None

Description

The SecureConversationTokenFinderInterceptor in CXF has this line:

message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getID());

but it also stores the token like so:

SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);

Then in AbstractBindingBuilder.getSecurityToken() it tries to find the token in the token store using SecurityConstants.TOKEN_ID, and an error of "No signature token id" is thrown. The SecureConversationTokenFinderInterceptor should store the Identifier of the SCT instead (getIdentifier, not getIDI()).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

cxf-2487.patch
21/Oct/09 15:12
0.9 kB
Colm O hEigeartaigh

Activity

People

Assignee:: Daniel Kulp

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 21/Oct/09 15:11

Updated:: 04/Dec/09 22:34

Resolved:: 21/Oct/09 15:29