Bug 6568 – XACML callout does not deny with unknown obligations

Bug 6568 - XACML callout does not deny with unknown obligations

Summary:

XACML callout does not deny with unknown obligations

Status:	NEW

Product:	Java WS Security
Component:	Authorization
Version:	4.2.1
Platform:	PC Windows XP

Importance:	P3 normal
Target Milestone:	---
Assigned To:	Rachana Ananthakrishnan

URL:
Keywords:	OSG/EGEE_Authz_Interop

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-12-10 16:30 by Rachana Ananthakrishnan
Modified:	2008-12-10 16:30 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Rachana Ananthakrishnan 2008-12-10 16:30:57

Currently if an obligation handler is not configured for an obligation id, it
is ignored. The decision is based on the decision returned by service and
processing of the configured obligation handlers without errors.

This should be fixed such that a deny decision is returned if any of the
obligations received from the authorization service are not "understood".