PicketLink cannot decode ${...} in WEB-INF/picketlink.xml for ServiceURL element

Issue

• EAP 6.4.18 and 7.0.8 do not allow use of system properties in IDP or SP picketlink.xml

• In JBoss EAP 7.0 update 8, when a client application tries to log on using PicketLink, we get the below error, downgrading to JBoss EAP 7.0 update 7 (and earlier) there is no problem.

• This issue is observed with both ZIP and RPM installations.

Caused by: org.picketlink.common.exceptions.ProcessingException: PL00102: Processing Exception:
        at org.picketlink.common.DefaultPicketLinkLogger.processingError(DefaultPicketLinkLogger.java:174)
        at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.generateSAMLRequest(SAML2AuthenticationHandler.java:482)
        at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler.generateSAMLRequest(SAML2AuthenticationHandler.java:156)
        at org.picketlink.identity.federation.web.process.ServiceProviderBaseProcessor.process(ServiceProviderBaseProcessor.java:188)
        ... 33 more
Caused by: java.lang.IllegalArgumentException: Illegal character in scheme name at index 0: ${myapp.sp.url::/myapp/webservices/}
        at java.net.URI.create(URI.java:852)
        at org.picketlink.identity.federation.api.saml.v2.request.SAML2Request.createAuthnRequestType(SAML2Request.java:95)
        at org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler$SPAuthenticationHandler.generateSAMLRequest(SAML2AuthenticationHandler.java:446)
        ... 35 more
Caused by: java.net.URISyntaxException: Illegal character in scheme name at index 0: ${myapp.sp.url::/myapp/webservices/}
        at java.net.URI$Parser.fail(URI.java:2848)
        at java.net.URI$Parser.checkChars(URI.java:3021)
        at java.net.URI$Parser.checkChar(URI.java:3031)
        at java.net.URI$Parser.parse(URI.java:3047)
        at java.net.URI.<init>(URI.java:588)
        at java.net.URI.create(URI.java:850)
        ... 37 more