  1. PicketLink Federated Identity
  2. PLFED-288

PicketLink STS does not support processing wst:UseKey/ds:KeyInfo Elements

    Details

      Description

      The PicketLink STS does not support processing wst:UseKey/ds:KeyInfo Elements. For example:

      <wst:UseKey>
        <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
          <ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:X509Certificate>
              MIIEFjCC...
            </ds:X509Certificate>
          </ds:X509Data>
        </dsig:KeyInfo>
      </wst:UseKey>

      This causes the following error:

      Caused by: java.lang.RuntimeException: PL00069: Parser: Type not supported:KeyInfo
      at org.picketlink.identity.federation.core.parsers.wst.WSTRequestSecurityTokenParser.parse(WSTRequestSecurityTokenParser.java:302) [:2.0.2.Final]

      Looking at the following link, it appears that PicketLink only supports parsing UseKey/X509Certificate Elements:

      https://community.jboss.org/thread/151685

      However, for interop with other products (CXF/WCF) the request given above should be supported. For a WCF example of UseKey/KeyInfo see the following:

      http://msdn.microsoft.com/en-us/library/bb298802.aspx

      Colm.
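
      The two UseKey layouts contrasted in this report, read by one namespace-aware routine. This is an added example, not PicketLink code and not part of the original report. Assumptions: the class and method names are hypothetical, the wst namespace is the WS-Trust 1.3 one, the directly nested X509Certificate form is matched by local name only, and the certificate payload is a constructed placeholder rather than a real certificate.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

public class UseKeyExample {  // hypothetical name, for illustration only
    static final String WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"; // assumed WS-Trust 1.3
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";

    // First child element with the given local name (and namespace, unless ns is null).
    static Element child(Element parent, String ns, String local) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n instanceof Element && local.equals(n.getLocalName())
                    && (ns == null || ns.equals(n.getNamespaceURI()))) return (Element) n;
        }
        return null;
    }

    // Returns the decoded certificate bytes carried in wst:UseKey, in either layout.
    static byte[] certificateFromUseKey(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);  // prefixes (ds:, dsig:) are irrelevant, only the namespace URI counts
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // reject DTDs (XXE)
        Element useKey = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
        if (!"UseKey".equals(useKey.getLocalName())) throw new IllegalArgumentException("not a UseKey element");
        Element cert = child(useKey, null, "X509Certificate");  // UseKey/X509Certificate layout
        if (cert == null) {                                      // UseKey/ds:KeyInfo/ds:X509Data layout
            Element keyInfo = child(useKey, DS, "KeyInfo");
            Element x509 = keyInfo == null ? null : child(keyInfo, DS, "X509Data");
            cert = x509 == null ? null : child(x509, DS, "X509Certificate");
        }
        if (cert == null) throw new IllegalArgumentException("UseKey carries no X509Certificate");
        return Base64.getMimeDecoder().decode(cert.getTextContent().trim()); // tolerates line breaks
    }

    public static void main(String[] args) throws Exception {
        String b64 = Base64.getEncoder().encodeToString("constructed-sample-not-a-real-cert".getBytes(StandardCharsets.UTF_8));
        String wrapped = "<wst:UseKey xmlns:wst='" + WST + "'><dsig:KeyInfo xmlns:dsig='" + DS + "'><ds:X509Data xmlns:ds='"
                + DS + "'><ds:X509Certificate>\n" + b64 + "\n</ds:X509Certificate></ds:X509Data></dsig:KeyInfo></wst:UseKey>";
        String direct = "<wst:UseKey xmlns:wst='" + WST + "'><ds:X509Certificate xmlns:ds='" + DS + "'>"
                + b64 + "</ds:X509Certificate></wst:UseKey>";
        System.out.println(java.util.Arrays.equals(certificateFromUseKey(wrapped), certificateFromUseKey(direct)));
    }
}
```

      The returned bytes are requester-supplied input; an STS would still parse them as an X.509 certificate and validate it before binding a token to that key.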

                People

                • Assignee:
                  anil.saldhana Anil Saldanha
                  Reporter:
                  coheigea Colm O hEigeartaigh