[JBoss JIRA] Created: (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
10:15 p.m.
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing
exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Anil Saldhana
Priority: Minor
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer) causes
a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible
bug
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:26 p.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Dan Gradl commented on SECURITY-590:
------------------------------------
Actually, what you have created is an invalid RequestContext. The XACML 2.0 context
schema requires that all Attributes have 1 or more AttributeValues. In this case you
aren't constructing the XML according to the schema, but you are instantiating a XACML
request from the object model. However, this is still an invalid XACML request context.
Rather than throwing a cryptic ParsingException, it probably should validate the
RequestContext according to the same rules in the
access_control-xacml-2.0-context-schema-os.xsd and inform you that this context is
incorrectly formed.
Perhaps you were thinking about a Policy? There you can have a date time attribute and
when the policy is evaluated it will get the current environment time.
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Anil Saldhana
Priority: Minor
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:13 p.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Dan Gradl edited comment on SECURITY-590 at 11/15/11 11:12 PM:
---------------------------------------------------------------
comment withdrawn
was (Author: dgradl):
Actually, what you have created is an invalid RequestContext. The XACML 2.0 context
schema requires that all Attributes have 1 or more AttributeValues. In this case you
aren't constructing the XML according to the schema, but you are instantiating a XACML
request from the object model. However, this is still an invalid XACML request context.
Rather than throwing a cryptic ParsingException, it probably should validate the
RequestContext according to the same rules in the
access_control-xacml-2.0-context-schema-os.xsd and inform you that this context is
incorrectly formed.
Perhaps you were thinking about a Policy? There you can have a date time attribute and
when the policy is evaluated it will get the current environment time.
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Anil Saldhana
Priority: Minor
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:34 p.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Dan Gradl edited comment on SECURITY-590 at 11/15/11 11:32 PM:
---------------------------------------------------------------
At first look, I believed that this example is creating an invalid context, because an
Attribute requires an AttributeValue according to the XACML context schema. A subject,
resource, and action are required as well. So I at first concluded that the
ParseException was simply misleading as it was truly an invalid request context. If this
request was an XML request with an empty Attribute and it was validated against the schema
it would fail. However building it via the object model is providing a convenience.
The RequestAttributeFactory is built to allow you to create Date/Time/DateTime attributes
with no value provided and it will take the current system time. There is in fact an
issue with the default value it is setting.
was (Author: dgradl):
comment withdrawn
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Anil Saldhana
Priority: Minor
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:05 a.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Dan Gradl updated SECURITY-590:
-------------------------------
Attachment: SECURITY-590.patch
Fixed the creation of default date and time attribute values.
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Anil Saldhana
Priority: Minor
Attachments: SECURITY-590.patch
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:16 a.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Dan Gradl updated SECURITY-590:
-------------------------------
Attachment: SECURITY-590-v2.patch
Sorry, I didn't include the copyright header in the JUnit and it had some unused
headers, and no javadoc. Hopefully this version is better.
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Anil Saldhana
Priority: Minor
Attachments: SECURITY-590-v2.patch, SECURITY-590.patch
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:03 a.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Anil Saldhana reassigned SECURITY-590:
--------------------------------------
Assignee: Dan Gradl (was: Anil Saldhana)
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Dan Gradl
Priority: Minor
Attachments: SECURITY-590-v2.patch, SECURITY-590.patch
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:07 a.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Anil Saldhana resolved SECURITY-590.
------------------------------------
Resolution: Done
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Dan Gradl
Priority: Minor
Fix For: picketbox_xacml_2.0.7.Final
Attachments: SECURITY-590-v2.patch, SECURITY-590.patch
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:07 a.m.
New subject: [JBoss JIRA] (SECURITY-590) RequestAttributeFactory.createTimeAttributeType(attName, issuer) API call causes a parsing exception
[
https://issues.jboss.org/browse/SECURITY-590?page=com.atlassian.jira.plug...
]
Anil Saldhana updated SECURITY-590:
-----------------------------------
Fix Version/s: picketbox_xacml_2.0.7.Final
Forum Reference: http://community.jboss.org/message/601454 (was:
http://community.jboss.org/message/601454)
RequestAttributeFactory.createTimeAttributeType(attName, issuer) API
call causes a parsing exception
----------------------------------------------------------------------------------------------------
Key: SECURITY-590
URL: https://issues.jboss.org/browse/SECURITY-590
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Environment: Version was 2.0.6.Final
Reporter: Asankha Perera
Assignee: Dan Gradl
Priority: Minor
Fix For: picketbox_xacml_2.0.7.Final
Attachments: SECURITY-590-v2.patch, SECURITY-590.patch
Using the API call RequestAttributeFactory.createTimeAttributeType(attName, issuer)
causes a "ParsingException: couldn't create http://www.w3.org/2001/XMLSchema#time
attribute based on DOM node"
Note that with the above API call, we do not supply any time string, but assume that the
current time is used. As a comparison the similar API call
RequestAttributeFactory.createDateTimeAttributeType(attName, issuer) works without any
issues - hence it seems logical that the createTimeAttributeType() contains a possible bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4798
days inactive
5005
days old
8 comments
7 participants
participants (7)
-
Anil Saldhana (Assigned) (JIRA) -
Anil Saldhana (Resolved) (JIRA)
-
Anil Saldhana (Updated) (JIRA)
-
Asankha Perera (JIRA)
-
Dan Gradl (Commented) (JIRA)
-
Dan Gradl (Issue Comment Edited) (JIRA)
-
Dan Gradl (Updated) (JIRA)