[JBPAPP-7853] Subelements of <saml2:Subject> are not parsed correctly - JBoss Issue Tracker

XML

Word

Printable

Details

Type: Sub-task
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: None
Fix Version/s: EAP_EWP 5.2.0
Component/s: PicketLink
Labels:
- picketlink

Affects:

Release Notes
Estimated Difficulty:
Low
Release Notes Text:

Hide
The <systemitem>SAMLSubjectParser</systemitem> did not support the <saml2:NameID> subelement within the <saml2:SubjectConfirmation> subelement of the <saml2:Subject> element. If it found the <saml2:NameID> subelement, it parsed it incorrectly and threw the following exception:

<screen>
java.lang.ClassCastException: com.ctc.wstx.evt.CompactStartElement cannot be cast to javax.xml.stream.events.EndElement
        at org.picketlink.identity.federation.core.parsers.saml.SAMLSubjectParser.parse(SAMLSubjectParser.java:123)
        at org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:148)
        at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:76)
</screen>

This update modifies the <systemitem>SAMLSubjectParser</systemitem> to support the <saml2:NameID> subelement within the previously mentioned elements. The <saml2:NameID> subelement is now parsed correctly and the exception cited above is no longer thrown.

Show
The <systemitem>SAMLSubjectParser</systemitem> did not support the <saml2:NameID> subelement within the <saml2:SubjectConfirmation> subelement of the <saml2:Subject> element. If it found the <saml2:NameID> subelement, it parsed it incorrectly and threw the following exception: <screen> java.lang.ClassCastException: com.ctc.wstx.evt.CompactStartElement cannot be cast to javax.xml.stream.events.EndElement         at org.picketlink.identity.federation.core.parsers.saml.SAMLSubjectParser.parse(SAMLSubjectParser.java:123)         at org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:148)         at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:76) </screen> This update modifies the <systemitem>SAMLSubjectParser</systemitem> to support the <saml2:NameID> subelement within the previously mentioned elements. The <saml2:NameID> subelement is now parsed correctly and the exception cited above is no longer thrown.
Release Notes Docs Status:
Documented as Resolved Issue
Docs QE Status:
NEW

Description

PLFED is expecting a <saml2:SubjectConfirmationData> subelement within <saml2:Subject>. If it doesn't find one, it will parse the closing <saml2:Subject> tag incorrectly, throwing a ClassCastException:

java.lang.ClassCastException: com.ctc.wstx.evt.CompactStartElement cannot be cast to javax.xml.stream.events.EndElement

        at org.picketlink.identity.federation.core.parsers.saml.SAMLSubjectParser.parse(SAMLSubjectParser.java:123)

        at org.picketlink.identity.federation.core.parsers.saml.SAMLAssertionParser.parse(SAMLAssertionParser.java:148)

        at org.picketlink.identity.federation.core.parsers.saml.SAMLParser.parse(SAMLParser.java:76)

This goes against the specification, which does not allow <saml2:SubjectConfirmationData> elements to be direct children of <saml2:Subject>.

See http://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf , page 18.

Gliffy Diagrams

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

jbpapp-7853.diff
3 kB
22/Feb/12 3:51 PM

Issue Links

cloned from

PLFED-251 Subelements of <saml2:Subject> are not parsed correctly

Resolved

Activity

People

Assignee:

Josef Cacek

Reporter:

Kyle Lape

Writer:

Petr Penicka

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

04/Jan/12 9:26 AM

Updated:

19/Sep/12 7:32 AM

Resolved:

29/Feb/12 5:24 PM