Skip to Content.
Sympa Menu

mace-opensaml-users - Handle Subject with no NameID

Subject: OpenSAML user discussion

List archive

Handle Subject with no NameID


Chronological Thread 
  • From:
  • To:
  • Subject: Handle Subject with no NameID
  • Date: Tue, 14 Apr 2009 06:07:08 -0400 (EDT)

Hi,

we are still using opensaml 1.1 as our applicationservers do not yet support
saml 2.

I noticed in the sourcecode there was a bugfix solving the following issue:

The specification says that in a saml:Subject, either NameIdentifier or
ConfirmationMethod (in block SubjectConfirmation) is mandatory.
However, the javacode building a SAMLSubject out of a dom Element never reads
the SubjectConfirmation part if the NameIdentifier is null.
=> if the NameIdentifier is null, it always throws a MalformedException.

This was solved in the latest version of SAMLSubject (of saml1.1):
Revision 405 -
Modified Wed May 17 15:03:54 2006 EDT (2 years, 10 months ago) by cantor
Handle Subject with no NameID.

However,
this version of the class is not in the downloadable jar which means everyone
using the jar of opensaml 1.1 has this bug.
I can easily integrate the bugfix locally but some of our clients that will
be using opensaml1.1 to send/receive saml messages will have problems with
this unless I present them an updated jar.

Can't there be a new, official release of the jar containing the bugfix ?


Frederik



Archive powered by MHonArc 2.6.16.

Top of Page