[jira] [Resolved] (CXF-4254) NPE in OnlySignEntireHeadersAndBody policy validation when the STR Transform is used

[ https://issues.apache.org/jira/browse/CXF-4254?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4254. -- Resolution: Fixed > NPE in OnlySignEntireHeadersAndBody policy validation when the ST

[jira] [Resolved] (CXF-4157) Support batch processing via RequestSecurityTokenCollection.

[ https://issues.apache.org/jira/browse/CXF-4157?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4157. -- Resolution: Fixed > Support batch processing via RequestSecurityTokenCollection. > --

[jira] [Resolved] (CXF-4158) Support the renewal binding in the STS

[ https://issues.apache.org/jira/browse/CXF-4158?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4158. -- Resolution: Fixed > Support the renewal binding in the STS >

[jira] [Resolved] (CXF-4219) Switch to using EhCache for the SecurityToken caching solution in the cxf-rt-ws-security module

[ https://issues.apache.org/jira/browse/CXF-4219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4219. -- Resolution: Fixed > Switch to using EhCache for the SecurityToken caching solution in

[jira] [Resolved] (CXF-4062) Enabling custom claim parser

[ https://issues.apache.org/jira/browse/CXF-4062?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4062. -- Resolution: Fixed Assignee: Colm O hEigeartaigh > Enabling custom claim parser

[jira] [Resolved] (CXF-4173) Support for ClaimValue element of federation claims dialect added

[ https://issues.apache.org/jira/browse/CXF-4173?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4173. -- Resolution: Fixed > Support for ClaimValue element of federation claims dialect added

[jira] [Resolved] (CXF-1636) Have WSS4J in/out interceptors require nonces and timestamps when using UsernameTokens?

[ https://issues.apache.org/jira/browse/CXF-1636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-1636. -- Resolution: Fixed > Have WSS4J in/out interceptors require nonces and timestamps when

[jira] [Resolved] (CXF-4156) Support SymmetricKeys for Entropy/BinarySecret Elements

[ https://issues.apache.org/jira/browse/CXF-4156?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4156. -- Resolution: Fixed > Support SymmetricKeys for Entropy/BinarySecret Elements > ---

[jira] [Resolved] (CXF-4168) Support processing a KeyInfo/KeyValue child of UseKey in a RequestSecurityToken

[ https://issues.apache.org/jira/browse/CXF-4168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4168. -- Resolution: Fixed > Support processing a KeyInfo/KeyValue child of UseKey in a > Req

[jira] [Resolved] (CXF-4166) CXF does not always respect SecurityPolicy TokenInclusion for the AsymmetricBinding

[ https://issues.apache.org/jira/browse/CXF-4166?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4166. -- Resolution: Fixed > CXF does not always respect SecurityPolicy TokenInclusion for the

[jira] [Resolved] (CXF-4161) Support processing a UseKey Element that uses a SecurityTokenReference to another token

[ https://issues.apache.org/jira/browse/CXF-4161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4161. -- Resolution: Fixed > Support processing a UseKey Element that uses a SecurityTokenRefe

[jira] [Resolved] (CXF-4160) Support signing a SAML token using the requested signature and canonicalization algorithm

[ https://issues.apache.org/jira/browse/CXF-4160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4160. -- Resolution: Fixed > Support signing a SAML token using the requested signature and >

[jira] [Resolved] (CXF-4078) SecurityContextToken Identifier value not an absolute URI

[ https://issues.apache.org/jira/browse/CXF-4078?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4078. -- Resolution: Fixed > SecurityContextToken Identifier value not an absolute URI > -

[jira] [Resolved] (CXF-4049) Check external CryptoProvider from message context properties in Wss4jInInterceptor

[ https://issues.apache.org/jira/browse/CXF-4049?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4049. -- Resolution: Fixed > Check external CryptoProvider from message context properties in

[jira] [Resolved] (CXF-3635) WS-Trust SPNego (WCF message level spnego)

[ https://issues.apache.org/jira/browse/CXF-3635?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3635. -- Resolution: Fixed > WS-Trust SPNego (WCF message level spnego) >

[jira] [Resolved] (CXF-2864) Support UsernameToken derived keys

[ https://issues.apache.org/jira/browse/CXF-2864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-2864. -- Resolution: Fixed > Support UsernameToken derived keys >

[jira] [Resolved] (CXF-4034) Allow SecurityConstants.SIGNATURE_CRYPTO and ENCRYPT_CRYPTO to be used on processing side

[ https://issues.apache.org/jira/browse/CXF-4034?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4034. -- Resolution: Fixed > Allow SecurityConstants.SIGNATURE_CRYPTO and ENCRYPT_CRYPTO to be

[jira] [Resolved] (CXF-3809) Tests failing with: The signature or decryption was invalid

[ https://issues.apache.org/jira/browse/CXF-3809?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3809. -- Resolution: Fixed > Tests failing with: The signature or decryption was invalid > ---

[jira] [Resolved] (CXF-4099) SignedParts, EncryptedParts policy assertions are silently ignored on the client side if specified alone

[ https://issues.apache.org/jira/browse/CXF-4099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4099. -- Resolution: Fixed > SignedParts, EncryptedParts policy assertions are silently ignore

[jira] [Resolved] (CXF-4092) Confusing error message "No initiator token id" in AssymetricBindingHandler

[ https://issues.apache.org/jira/browse/CXF-4092?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4092. -- Resolution: Fixed > Confusing error message "No initiator token id" in AssymetricBind

[jira] [Resolved] (CXF-4052) Crypto cache issues and the PolicyBasedWSS4JInInterceptor used as a singleton

[ https://issues.apache.org/jira/browse/CXF-4052?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4052. -- Resolution: Fixed > Crypto cache issues and the PolicyBasedWSS4JInInterceptor used as

[jira] [Resolved] (CXF-4012) The AlgorithmSuite class does not use the WS-SP standard maximum symmetric key size

[ https://issues.apache.org/jira/browse/CXF-4012?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4012. -- Resolution: Fixed > The AlgorithmSuite class does not use the WS-SP standard maximum

[jira] [Resolved] (CXF-4011) The STS SAML DefaultSubjectProvider does not set the encryption algorithm when building an EncryptedKey

[ https://issues.apache.org/jira/browse/CXF-4011?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4011. -- Resolution: Fixed > The STS SAML DefaultSubjectProvider does not set the encryption a

[jira] [Resolved] (CXF-4010) Add ability to specific EncryptionProperties per STS instance

[ https://issues.apache.org/jira/browse/CXF-4010?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-4010. -- Resolution: Fixed > Add ability to specific EncryptionProperties per STS instance > -

[jira] [Resolved] (CXF-3865) Asymmetric Encryption - alias is null during decryption using private key

[ https://issues.apache.org/jira/browse/CXF-3865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3865. -- Resolution: Cannot Reproduce I need a test-case that reproduces the problem. Colm.

[jira] [Resolved] (CXF-3970) Patch: InitiatorEncryptionToken, RecipientSignatureToken, RecipientEncryptionToken support in WS Sec Policy

[ https://issues.apache.org/jira/browse/CXF-3970?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3970. -- Resolution: Fixed > Patch: InitiatorEncryptionToken, RecipientSignatureToken, > Reci

[jira] [Resolved] (CXF-3960) Patch for InitiatorSignatureToken Support in WS-Policy definition

[ https://issues.apache.org/jira/browse/CXF-3960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3960. -- Resolution: Fixed > Patch for InitiatorSignatureToken Support in WS-Policy definition

[jira] [Resolved] (CXF-3948) CXF 2.3.x does not configure the Future TTL value for Timestamp processing

[ https://issues.apache.org/jira/browse/CXF-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3948. -- Resolution: Fixed Assignee: Colm O hEigeartaigh > CXF 2.3.x does not configure

[jira] [Resolved] (CXF-3929) Present realm ignored by TokenValidateOperation for TokenValidator

[ https://issues.apache.org/jira/browse/CXF-3929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3929. -- Resolution: Fixed > Present realm ignored by TokenValidateOperation for TokenValidato

[jira] [Resolved] (CXF-3928) Add token validation for OnBehalfOf element in TokenIssueOperation

[ https://issues.apache.org/jira/browse/CXF-3928?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3928. -- Resolution: Fixed > Add token validation for OnBehalfOf element in TokenIssueOperatio

[jira] [Resolved] (CXF-3931) STS SAMLTokenValidator doesn't validate condition

[ https://issues.apache.org/jira/browse/CXF-3931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3931. -- Resolution: Fixed > STS SAMLTokenValidator doesn't validate condition > -

[jira] [Resolved] (CXF-3924) Support to configure keystore per SAML realm

[ https://issues.apache.org/jira/browse/CXF-3924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3924. -- Resolution: Fixed > Support to configure keystore per SAML realm > --

[jira] [Resolved] (CXF-3922) Support for KerberosToken in RST if LdapClaimsHandler used

[ https://issues.apache.org/jira/browse/CXF-3922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3922. -- Resolution: Fixed > Support for KerberosToken in RST if LdapClaimsHandler used >

[jira] [Resolved] (CXF-3923) Support for OnBehalfOf in SAMLTokenProvider

[ https://issues.apache.org/jira/browse/CXF-3923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3923. -- Resolution: Fixed > Support for OnBehalfOf in SAMLTokenProvider > ---

[jira] [Resolved] (CXF-3225) Add support for saml tokens in sp:InitiatorToken

[ https://issues.apache.org/jira/browse/CXF-3225?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3225. -- Resolution: Fixed This is now fixed and a test has been added to the CXF system tests. C

[jira] [Resolved] (CXF-3811) New SecurityTokenService (STS) implementation

[ https://issues.apache.org/jira/browse/CXF-3811?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3811. -- Resolution: Fixed > New SecurityTokenService (STS) implementation > -

[jira] [Resolved] (CXF-3857) Support for subclassing of STSClient and adding Claims to RST

[ https://issues.apache.org/jira/browse/CXF-3857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3857. -- Resolution: Fixed > Support for subclassing of STSClient and adding Claims to RST > -

[jira] [Resolved] (CXF-3850) SAML and UsernameToken validation should validate the realm of the incoming token against cached tokens

[ https://issues.apache.org/jira/browse/CXF-3850?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3850. -- Resolution: Fixed > SAML and UsernameToken validation should validate the realm of th

[jira] [Resolved] (CXF-3835) SAML and Username tokens should be cached in the STS service

[ https://issues.apache.org/jira/browse/CXF-3835?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3835. -- Resolution: Fixed > SAML and Username tokens should be cached in the STS service > --

[jira] [Resolved] (CXF-3826) Implementation of caching in STS

[ https://issues.apache.org/jira/browse/CXF-3826?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3826. -- Resolution: Fixed > Implementation of caching in STS > --

[jira] [Resolved] (CXF-3827) Cancelling a SCT with STS is missing verification of proof of possession key

[ https://issues.apache.org/jira/browse/CXF-3827?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3827. -- Resolution: Fixed > Cancelling a SCT with STS is missing verification of proof of pos