Bug 3528 – Action Operation Namespace in SAML Authorization Callout

Bug 3528 - Action Operation Namespace in SAML Authorization Callout

Summary:

Action Operation Namespace in SAML Authorization Callout

Status:	RESOLVED FIXED

Product:	Java WS Security
Component:	Authorization
Version:	4.0.0
Platform:	PC All

Importance:	P3 minor
Target Milestone:	---
Assigned To:	Rachana Ananthakrishnan

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2005-06-28 11:49 by David Del Vecchio
Modified:	2005-07-18 14:55 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From David Del Vecchio 2005-06-28 11:49:47

When the SAML authz callout makes an authorization request it includes an
Action
element consisting of both a Namespace attribute and a text string. For
operation invocations, the OGSA Authz Service spec defines the proper action
Namespace as:
http://www.gridforum.org/namespaces/2003/06/ogsa-authz/saml/action/operation

but the SAML authz callout currently uses:
http://www.gridforum.org/namespaces/2003/06/ogsa-authorization/saml/action/operation

The class
org.globus.wsrf.impl.security.authorization.SAMLAuthorizationConstants
seems to contain the offending string constant.

------- Comment #1 From Rachana Ananthakrishnan 2005-07-18 14:55:25 -------

Fixed in trunk and 4.0 branch.