PicketLink patches to work with Novell NAM IDP

Solution Unverified - Updated -

Environment

  • Red Hat JBoss Enterprise Application Platform
    • 6.1.0

Issue

PicketLink patches to work with Novell NAM IDP

Resolution

Multiple fixes for PicketLink are required to allow interaction with Novell Access Manager (NAM):

  • PLFED-392 - PicketLink based SP's need to support different login and logout URLs
  • PLINK-166 - SAML2LogoutHandler throws NPE in the absence of Success status code at SP
  • PLINK-178 - XML parsing issues with SAML messages from Novell Access Manager
  • PLINK-245 - SP AuthnRequest should add authncontextclassref that should be configurable
  • PLINK-263 - Base64 encoding of the secret key configurable for ws-trust
  • PLINK2-1 - Signed logout request does not contain the "Destination" attribute
  • PLINK2-51 - SAML 2.0 Subject EncryptedKey should contain KeyInfo
  • PLINK2-67 - Setting to have XMLSignatureUtil return keyinfo in x509 format instead of RSA format
  • PLINK2-85 - Support SessionIndex when issuing assertions and logout requests
  • PLINK2-104 - SP should read/recognize the SingleLogoutLocation ResponseLocation attribute in the metadata

The PicketLink roll-up patch for EAP 6.1.0 is available for download from the support portal.

These fixes are all incorporated in EAP 6.2; we strongly advise customers to upgrade to 6.2.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
