Uploaded image for project: 'PicketLink Federated Identity'
  1. PicketLink Federated Identity
  2. PLFED-288

PicketLink STS does not support processing wst:UseKey/ds:KeyInfo Elements

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: PLFED_2.1.1.Final
    • Component/s: STS
    • Labels:
      None

      Description

      The PicketLink STS does not support processing wst:UseKey/ds:KeyInfo Elements. For example:

      <wst:UseKey>
      <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
      <ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:X509Certificate>
      MIIEFjCC...
      </ds:X509Certificate>
      </ds:X509Data>
      </dsig:KeyInfo>
      </wst:UseKey>

      This causes the following error:

      Caused by: java.lang.RuntimeException: PL00069: Parser: Type not supported:KeyInfo
      at org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser.parse(WSTRequestSecurityTokenParser.java:302) [:2.0.2.Final]

      Looking at the following link, it appears that PicketLink only supports parsing UseKey/X509Certificate Elements:

      https://community.jboss.org/thread/151685

      However, for interop with other products (CXF/WCF) the request given above should be supported. For a WCF example of UseKey/KeyInfo see the following:

      http://msdn.microsoft.com/en-us/library/bb298802.aspx

      Colm.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              anil.saldhana Anil Saldanha (Inactive)
              Reporter:
              coheigea Colm O hEigeartaigh (Inactive)
              Archiver:
              samahaja Sagar Mahajan

                Dates

                Created:
                Updated:
                Resolved:
                Archived: