Loses track of IdP name when processing unsigned response with encrypted assertion

Basics

Technical

Logistics

Basics

Technical

Logistics

Description

SAML 2 handler doesn't save off the issuer if the outer response is unsigned and encryption is used. Results in a session with no IdP recorded, with possibly bad side effects as well.

Will add a block to prevent that case from getting through the handler and fix the problem.

Environment

None

Activity

Show:

Scott Cantor June 23, 2009 at 12:46 PM

Closing after releases.

Scott Cantor January 12, 2009 at 1:48 PM

http://svn.middleware.georgetown.edu/view/cpp-sp?view=rev&revision=2930

Fixed

Pinned fields

Click on the next to a field label to start pinning.

Details

Assignee

Scott Cantor

Reporter

Scott Cantor

Components

Fix versions

2.2

Affects versions

2.0

2.1

Created January 12, 2009 at 1:34 PM

Updated June 23, 2009 at 12:46 PM

Resolved January 12, 2009 at 1:48 PM

Configure