July 2009 - jboss-identity-issues

[JBoss JIRA] Created: (JBID-145) IDFedLSInputResolver should be made default for schema resolution

by Anil Saldhana (JIRA)

IDFedLSInputResolver should be made default for schema resolution ----------------------------------------------------------------- Key: JBID-145 URL: https://jira.jboss.org/jira/browse/JBID-145 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.beta1 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
4
0 / 0

[JBoss JIRA] Created: (JBID-148) DocumentUtil transformer output properties

by Anil Saldhana (JIRA)

DocumentUtil transformer output properties ------------------------------------------ Key: JBID-148 URL: https://jira.jboss.org/jira/browse/JBID-148 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Affects Versions: IDFED-1.0.0.alpha4 Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.beta1 transformer.setOutputProperty(OutputKeys.INDENT, "no"); -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
4
0 / 0

[JBoss JIRA] Created: (JBID-146) JAXBUtil: Marshaller setProperty formatted output should be false

by Anil Saldhana (JIRA)

JAXBUtil: Marshaller setProperty formatted output should be false ----------------------------------------------------------------- Key: JBID-146 URL: https://jira.jboss.org/jira/browse/JBID-146 Project: JBoss Identity Issue Type: Bug Reporter: Anil Saldhana Assignee: Anil Saldhana It will add newlines etc that can invalidate signatures. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
6
0 / 0

[JBoss JIRA] Updated: (JBID-132) redirect binding computes incorrect signatures for SAML responses

by Anil Saldhana (JIRA)

[ https://jira.jboss.org/jira/browse/JBID-132?page=com.atlassian.jira.plugi... ] Anil Saldhana updated JBID-132: ------------------------------- Fix Version/s: IDFED-1.0.0.alpha5 (was: IDFED-1.0.0.beta1) > redirect binding computes incorrect signatures for SAML responses > ----------------------------------------------------------------- > > Key: JBID-132 > URL: https://jira.jboss.org/jira/browse/JBID-132 > Project: JBoss Identity > Issue Type: Bug > Components: Identity-Federation > Affects Versions: IDFED-1.0.0.alpha3 > Reporter: Marcel Kolsteren > Assignee: Anil Saldhana > Fix For: IDFED-1.0.0.alpha5 > > Attachments: JBID-132.txt > > > When using the HTTP/Redirect binding with signature support, the signatures for SAMLResponse messages are incorrect. This is caused by the computeSignature method in the RedirectBindingSignatureUtil. This method is called for requests as well as for responses, but when it constructs the string that needs to be signed, it always uses "SAMLRequest": > sb.append("SAMLRequest=").append(urlEncodedRequest); -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
0
0 / 0

[JBoss JIRA] Created: (JBID-149) SAML2Request/SAML2Response: getBinder methods to return the JAXB Binder

by Anil Saldhana (JIRA)

SAML2Request/SAML2Response: getBinder methods to return the JAXB Binder ----------------------------------------------------------------------- Key: JBID-149 URL: https://jira.jboss.org/jira/browse/JBID-149 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Affects Versions: IDFED-1.0.0.alpha4 Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.beta1 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
4
0 / 0

[JBoss JIRA] Created: (JBID-150) API to invoke a XACML PDP using SAML2 payload in SOAP messages

by Anil Saldhana (JIRA)

API to invoke a XACML PDP using SAML2 payload in SOAP messages -------------------------------------------------------------- Key: JBID-150 URL: https://jira.jboss.org/jira/browse/JBID-150 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.alpha5 The feature described in http://www.jboss.org/community/wiki/SAMLv2andXACMLv2Integration is a heavily sought after feature in highly secure environments. We need an api to make this XACML authorization request call across to a PDP trying to shield out the complex saml/soap message construction from the user. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
1
0 / 0

[JBoss JIRA] Created: (JBID-142) SP Post Form Authenticator that can handle signatures

by Anil Saldhana (JIRA)

SP Post Form Authenticator that can handle signatures ----------------------------------------------------- Key: JBID-142 URL: https://jira.jboss.org/jira/browse/JBID-142 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.beta1 Currently we do not have a form authenticator doing POST on the SP end that can handle signatures. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
2
0 / 0

[JBoss JIRA] Created: (JBID-144) SPPostFormAuthenticator needs to use the validate method return value

by Anil Saldhana (JIRA)

SPPostFormAuthenticator needs to use the validate method return value --------------------------------------------------------------------- Key: JBID-144 URL: https://jira.jboss.org/jira/browse/JBID-144 Project: JBoss Identity Issue Type: Sub-task Affects Versions: IDFED-1.0.0.alpha4 Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.alpha5 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
1
0 / 0

[JBoss JIRA] Created: (JBID-143) IDPWebBrowserSSOValve needs to use the validate method return value

by Anil Saldhana (JIRA)

IDPWebBrowserSSOValve needs to use the validate method return value ------------------------------------------------------------------- Key: JBID-143 URL: https://jira.jboss.org/jira/browse/JBID-143 Project: JBoss Identity Issue Type: Bug Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.alpha5 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
1
0 / 0

[JBoss JIRA] Closed: (JBID-133) HTTP/Redirect binding : signature validation results are ignored (at the SP side as well as at the IDP side)

by Anil Saldhana (JIRA)

[ https://jira.jboss.org/jira/browse/JBID-133?page=com.atlassian.jira.plugi... ] Anil Saldhana closed JBID-133. ------------------------------ Resolution: Done > HTTP/Redirect binding : signature validation results are ignored (at the SP side as well as at the IDP side) > ------------------------------------------------------------------------------------------------------------ > > Key: JBID-133 > URL: https://jira.jboss.org/jira/browse/JBID-133 > Project: JBoss Identity > Issue Type: Bug > Components: Identity-Federation > Affects Versions: IDFED-1.0.0.alpha3 > Reporter: Marcel Kolsteren > Assignee: Anil Saldhana > Fix For: IDFED-1.0.0.alpha5 > > > When using signatures in the HTTP/Redirect binding, incorrect signatures don't lead to a negative authentication result. > This is caused by the IDPRedirectValve and the SPRedirectFormAuthenticator. Both classes have a validate method that is overridden by the signature-enabled subclass. In both classes, the validate method is called, but the boolean result is ignored: > this.validate(request); -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

jboss-identity-issues July 2009