Is there a fix for PLFED-324 on JBoss EAP 6?

Solution Verified - Updated -

Issue

Is there a fix for PLFED-324 on JBoss EAP 6?

Here are the steps to reproduce the issue:

  1. Download the Picketlink examples war files, found via this link: https://docs.jboss.org/author/display/PLINK/PicketLink+Quickstarts

  2. Expand the idp.war and sales-post-valve.war files 3. Modify the idp.war's jboss-web.xml and add the following params to the valve configuration:

    <param>
    <param-name>signOutgoingMessages</param-name>
    <param-value>false</param-value>
</param>
<param>
    <param-name>ignoreIncomingSignatures</param-name>
    <param-value>true</param-value>
</param>

    This is just to get IDP working without having to configure a trust store.

  3. Modify the sales-post-valve.war's picketlink.xml and add the following handler to the end:

    <Handler
    class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AttributeHandler" />

  4. Repackage the war files

  5. Deploy to the standalone configuration
  6. Modify the standalone.xml per the picketlink quickstart instructions (ie adding a security domain for IDP and SP)
  7. Start the server.
  8. Login to the sales-post-vale application
  9. Click the link to log out and observe the exception.

Environment

  • JBoss Enterprise Application Platform
    • 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content