[OPENAM-1221] WSSAgent can not sign request if security mechanism 'X509Token' and Signing Reference Type 'KeyIdentifier Reference' is configured in Web Service Client profile

Created: 29/Mar/12    Updated: 15/Feb/13    Resolved: 15/Feb/13

Status: Closed
Project: OpenAM
Component/s: web services security agents
Affects Version/s: 10.0.0-EA, 10.0.0
Fix Version/s: 9.5.5, 10.0.1, 10.1.0-Xpress

Type: Bug
Priority: Major
Reporter: bthalmayr
Assignee: bthalmayr
Resolution: Fixed
Votes: 0
Labels: release-notes
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Environment: JAX-WS WSS Agent nightly build running in Tomcat 6.0.3x, OpenAM 10EA running in Tomcat 6.0.3x, Metro 2.2, JAX-WS 2.2, SecureStockService sample from WSS Agent distribution.

Description

Web Service Client profile:

    UserCredential=UserName:test|UserPassword:test
    EncryptionAlgorithm=AES
    isRequestHeaderEncrypt=false
    forceUserAuthn=false
    includeMemberships=false
    isPassThroughSecurityToken=false
    SecurityMech=urn:sun:wss:security:null:X509Token
    DnsClaim=wsc
    isResponseEncrypt=false
    publicKeyAlias=test
    sunIdentityServerDeviceStatus=Active
    keepSecurityHeaders=true
    EncryptionStrength=128
    isRequestSign=true
    useDefaultStore=true
    userpassword={SHA-1}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
    isRequestEncrypt=false
    privateKeyAlias=test
    SignedElements=Body
    AttributeNamespace=http://www.sun.com
    SigningRefType=KeyIdentifierRef
    isResponseSign=true

When hitting the 'GetQuote' button the following exception is thrown ...

    Mar 29, 2012 2:29:01 PM com.sun.identity.wssagents.jaxws.client.ClientHandler handleMessage
    SEVERE: ClientHandler.secureRequest failed : com.sun.identity.wss.security.SecurityException: Unable to sign.
        at com.sun.identity.wss.security.handler.SecureSOAPMessage.signWithBinaryToken(SecureSOAPMessage.jav
        at com.sun.identity.wss.security.handler.SecureSOAPMessage.sign(SecureSOAPMessage.java:671)
        at com.sun.identity.wss.security.handler.SOAPRequestHandler.secureRequest(SOAPRequestHandler.java:787)
        at com.sun.identity.wssagents.jaxws.client.ClientHandler.handleMessage(ClientHandler.java:122)
        at com.sun.identity.wssagents.jaxws.client.ClientHandler.handleMessage(ClientHandler.java:49)
        at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:297)
        at com.sun.xml.ws.handler.HandlerProcessor.callHandlersRequest(HandlerProcessor.java:138)
        at com.sun.xml.ws.handler.ClientSOAPHandlerTube.callHandlersOnRequest(ClientSOAPHandlerTube.java:14
        at com.sun.xml.ws.handler.HandlerTube.processRequest(HandlerTube.java:127)
        at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
        at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
        at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
        at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
        at com.sun.xml.ws.client.Stub.process(Stub.java:429)
        at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:168)
        at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119)
        at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:102)
        at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:151)
        at $Proxy38.getStockQuote(Unknown Source)
        at com.sun.stockquote.GetQuote.getStockQuote(Unknown Source)
        at com.sun.stockquote.GetQuote.processRequest(Unknown Source)
        at com.sun.stockquote.GetQuote.doGet(Unknown Source)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at com.sun.identity.wssagents.jaxws.client.ClientFilter.doFilter(ClientFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
        at java.lang.Thread.run(Thread.java:619)

The libSAML debug log shows ...

    libSAML:03/29/2012 02:29:01:322 PM CEST: Thread[http-8080-1,5,main] KeyTable size = 1
    libSAML:03/29/2012 02:29:01:323 PM CEST: Thread[http-8080-1,5,main] SAMLUtils.generated ID is: s8c29bf51ea8caa7beaf84a59d258c4a79961210e
    libSAML:03/29/2012 02:29:01:328 PM CEST: Thread[http-8080-1,5,main] SAMLUtils.generated ID is: sd609b8945b555aaf41d35435f98866e8f9747fd8
    libSAML:03/29/2012 02:29:01:328 PM CEST: Thread[http-8080-1,5,main] SAMLUtils.generated ID is: s2bd43eb65d7dbeb12e219ba8bac374cd498e14a1
    libSAML:03/29/2012 02:29:01:335 PM CEST: Thread[http-8080-1,5,main] KeyTable size = 1
    libSAML:03/29/2012 02:29:01:338 PM CEST: Thread[http-8080-1,5,main] WSSSignatureProvider.signWithWSSToken: Document to be signed : <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:QuoteRequest xmlns:ns2="http://sun.com/stockquote.xsd"><Symbol>JAVA</Symbol></ns2:QuoteRequest></S:Body></S:En
    libSAML:03/29/2012 02:29:01:341 PM CEST: Thread[http-8080-1,5,main] ERROR: WSSSignatureProvider: signWithBinaryTokenProfile Exception:
    java.lang.NullPointerException
        at com.sun.identity.wss.xmlsig.WSSSignatureProvider.signWithBinarySecurityToken(WSSSignatureProvider.ja
        at com.sun.identity.wss.xmlsig.WSSSignatureProvider.signWithBinarySecurityToken(WSSSignatureProvider.ja
        at com.sun.identity.saml.xmlsig.XMLSignatureManager.signWithBinarySecurityToken(XMLSignatureManager.ja
        at com.sun.identity.wss.security.handler.SecureSOAPMessage.signWithBinaryToken(SecureSOAPMessage.jav
        at com.sun.identity.wss.security.handler.SecureSOAPMessage.sign(SecureSOAPMessage.java:671)
        at com.sun.identity.wss.security.handler.SOAPRequestHandler.secureRequest(SOAPRequestHandler.java:787)
        at com.sun.identity.wssagents.jaxws.client.ClientHandler.handleMessage(ClientHandler.java:122)
        at com.sun.identity.wssagents.jaxws.client.ClientHandler.handleMessage(ClientHandler.java:49)
        at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:297)
        at com.sun.xml.ws.handler.HandlerProcessor.callHandlersRequest(HandlerProcessor.java:138)
        at com.sun.xml.ws.handler.ClientSOAPHandlerTube.callHandlersOnRequest(ClientSOAPHandlerTube.java:140
        at com.sun.xml.ws.handler.HandlerTube.processRequest(HandlerTube.java:127)
        at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
        at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
        at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
        at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
        at com.sun.xml.ws.client.Stub.process(Stub.java:429)
        at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:168)
        at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119)
        at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:102)
        at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:151)
        at $Proxy38.getStockQuote(Unknown Source)
        at com.sun.stockquote.GetQuote.getStockQuote(Unknown Source)
        at com.sun.stockquote.GetQuote.processRequest(Unknown Source)
        at com.sun.stockquote.GetQuote.doGet(Unknown Source)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at com.sun.identity.wssagents.jaxws.client.ClientFilter.doFilter(ClientFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
        at java.lang.Thread.run(Thread.java:619)

The WebServicesSecurity debug log shows ...

    WebServicesSecurity:03/29/2012 02:29:01:196 PM CEST: Thread[http-8080-1,5,main] SOAPRequestHandler.Init map:
    WebServicesSecurity:03/29/2012 02:29:01:207 PM CEST: Thread[http-8080-1,5,main] SOAPRequestHandler.secureRequest: Provider configuration from shared map is null
    WebServicesSecurity:03/29/2012 02:29:01:207 PM CEST: Thread[http-8080-1,5,main] AgentProvider: name = StockServicetype = WSCAgent
    WebServicesSecurity:03/29/2012 02:29:01:279 PM CEST: Thread[http-8080-1,5,main] AgentProvider.init Provider configuration: {privateKeyAlias=[test], KerberosServicePrincipal=[], KeyStorePassword=[], isRequestSign=[true], DetectMessageReplay=[], useDefaultStore=[true], NameIDMapper=[], EncryptionStrength=[128], SignedElements=[Body], isVerifyKrbSignature=[], publicKeyAlias=[test], serviceType=[], isResponseSign=[tru SigningRefType=[KeyIdentifierRef], DnsClaim=[wsc], AttributeNamespace=[http://www.sun.com], privateKeyType=[], keepSecurityHeaders=[true], KerberosDomainServer=[], forceUserAuthn=[false], EncryptionAlgorithm=[AES], KeyStoreFile=[], isRequestEncrypt=[false], TokenConversionType=[], authenticationChain=[], KerberosDomain=[], SecurityMech=[urn:sun:wss:security:null:X509Token], includeMemberships=[false], isRequestHeaderEncrypt=[false], SAMLAttributeMapping=[], KerberosTicketCacheDir=[], UserCredential=[UserName:test|UserPassword:test], WSPEndpoint=[], WSPProxyEndpoint=[], KerberosKeyTabFile=[], KeyPassword=[], DetectUserTokenReplay=[], isPassThroughSecurityToken=[false], STS=[], Discovery=[], isResponseEncrypt=[false]}
    WebServicesSecurity:03/29/2012 02:29:01:279 PM CEST: Thread[http-8080-1,5,main] AgentProvider: name = StockServicetype = WSCAgent
    WebServicesSecurity:03/29/2012 02:29:01:319 PM CEST: Thread[http-8080-1,5,main] AgentProvider.init Provider configuration: {privateKeyAlias=[test], KerberosServicePrincipal=[], KeyStorePassword=[], isRequestSign=[true], DetectMessageReplay=[], useDefaultStore=[true], NameIDMapper=[], EncryptionStrength=[128], SignedElements=[Body], isVerifyKrbSignature=[], publicKeyAlias=[test], serviceType=[], isResponseSign=[tru SigningRefType=[KeyIdentifierRef], DnsClaim=[wsc], AttributeNamespace=[http://www.sun.com], privateKeyType=[], keepSecurityHeaders=[true], KerberosDomainServer=[], forceUserAuthn=[false], EncryptionAlgorithm=[AES], KeyStoreFile=[], isRequestEncrypt=[false], TokenConversionType=[], authenticationChain=[], KerberosDomain=[], SecurityMech=[urn:sun:wss:security:null:X509Token], includeMemberships=[false], isRequestHeaderEncrypt=[false], SAMLAttributeMapping=[], KerberosTicketCacheDir=[], UserCredential=[UserName:test|UserPassword:test], WSPEndpoint=[], WSPProxyEndpoint=[], KerberosKeyTabFile=[], KeyPassword=[], DetectUserTokenReplay=[], isPassThroughSecurityToken=[false], STS=[], Discovery=[], isResponseEncrypt=[false]}
    WebServicesSecurity:03/29/2012 02:29:01:320 PM CEST: Thread[http-8080-1,5,main] SOAPRequestHandler.secureRequest: Generate security tokens locally
    WebServicesSecurity:03/29/2012 02:29:01:320 PM CEST: Thread[http-8080-1,5,main] getSecurityToken: SecurityMechanism URI : urn:sun:wss:security:null:X509Token
    WebServicesSecurity:03/29/2012 02:29:01:323 PM CEST: Thread[http-8080-1,5,main] SOAPRequestHandler.getSecurityToken:: creating X509 token
    WebServicesSecurity:03/29/2012 02:29:01:326 PM CEST: Thread[http-8080-1,5,main] SecureSOAPMessage.Input SOAP message : <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:QuoteRequest xmlns:ns2="http://sun.com/stockquote.xsd"><Symbol>JAVA</Symbol></ns2:QuoteRequest></S:Body></S:En
    WebServicesSecurity:03/29/2012 02:29:01:328 PM CEST: Thread[http-8080-1,5,main] SecureSOAPMessage.Input SOAP message After normalization: <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:QuoteRequest xmlns:ns2="http://sun.com/stockquote.xsd"><Symbol>JAVA</Symbol></ns2:QuoteRequest></S:Body></S:En
    WebServicesSecurity:03/29/2012 02:29:01:328 PM CEST: Thread[http-8080-1,5,main] SecureSOAPMessage.addSecurityHeader:: preparing the security header
    WebServicesSecurity:03/29/2012 02:29:01:342 PM CEST: Thread[http-8080-1,5,main] ERROR: SecureSOAPMessage.signWithBinaryToken:: Signature Exception.
    com.sun.identity.saml.xmlsig.XMLSignatureException
        at com.sun.identity.wss.xmlsig.WSSSignatureProvider.signWithBinarySecurityToken(WSSSignatureProvider.ja
        at com.sun.identity.wss.xmlsig.WSSSignatureProvider.signWithBinarySecurityToken(WSSSignatureProvider.ja
        at com.sun.identity.saml.xmlsig.XMLSignatureManager.signWithBinarySecurityToken(XMLSignatureManager.ja
        at com.sun.identity.wss.security.handler.SecureSOAPMessage.signWithBinaryToken(SecureSOAPMessage.jav
        at com.sun.identity.wss.security.handler.SecureSOAPMessage.sign(SecureSOAPMessage.java:671)
        at com.sun.identity.wss.security.handler.SOAPRequestHandler.secureRequest(SOAPRequestHandler.java:787)
        at com.sun.identity.wssagents.jaxws.client.ClientHandler.handleMessage(ClientHandler.java:122)
        at com.sun.identity.wssagents.jaxws.client.ClientHandler.handleMessage(ClientHandler.java:49)
        at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:297)
        at com.sun.xml.ws.handler.HandlerProcessor.callHandlersRequest(HandlerProcessor.java:138)
        at com.sun.xml.ws.handler.ClientSOAPHandlerTube.callHandlersOnRequest(ClientSOAPHandlerTube.java:140
        at com.sun.xml.ws.handler.HandlerTube.processRequest(HandlerTube.java:127)
        at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
        at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
        at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
        at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
        at com.sun.xml.ws.client.Stub.process(Stub.java:429)
        at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:168)
        at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119)
        at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:102)
        at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:151)
        at $Proxy38.getStockQuote(Unknown Source)
        at com.sun.stockquote.GetQuote.getStockQuote(Unknown Source)
        at com.sun.stockquote.GetQuote.processRequest(Unknown Source)
        at com.sun.stockquote.GetQuote.doGet(Unknown Source)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at com.sun.identity.wssagents.jaxws.client.ClientFilter.doFilter(ClientFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
        at java.lang.Thread.run(Thread.java:619)

Comments

Comment by bthalmayr [ 29/Mar/12 ]

Document to be signed looks like this ...

    <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
      <S:Body>
        <ns2:QuoteRequest xmlns:ns2="http://sun.com/stockquote.xsd">
          <Symbol>JAVA</Symbol>
        </ns2:QuoteRequest>
      </S:Body>
    </S:Envelope>

Code tries to find Element <wsse:Security xmlns:wsse="http://docs.oasis-open.or .....>

Obviously it's not there ...

Comment by bthalmayr [ 30/Mar/12 ]

Either 'javax.xml.soap.SOAPMessage.writeTo(OutputStream out)' [implemented by 'com.sun.xml.messaging.saaj.soap.ver1_1.Message1_1Impl'] or 'com.sun.identity.shared.xml.XMLUtils.toDOMDocument(InputStream is, Debug debug)' loses the wsse securi header elements.

Enhanced debug output reveals the following ...

    WebServicesSecurity:03/30/2012 08:28:15:547 PM CEST: Thread[http-8080-1,5,main] SecureSOAPMessage.Output SOAP message: <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelop xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><S:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" S:mustUnderstand="1"><wsu:Timestamp wsu:Id="sc57f806c5ee1e44c67199e1bf4ca6ca07fd31d3b"><wsu:Created>2012-03-30T18:28:15Z</wsu:Created><wsu:Expires>2012-03-30T18:33:15Z</wsu:Expires></wsu:Timestamp></wsse:Security></S:Header><S:Body wsu:Id="scab2112b141b907b3d2a001de0f02eb48eacfc92"><ns2:QuoteRequest xmlns:ns2="http://sun.com/stockquote.xsd"><Symbol>JAVA</Symbol></ns2:QuoteRequest></S:Body></S:En
    WebServicesSecurity:03/30/2012 08:28:15:555 PM CEST: Thread[http-8080-1,5,main] SecureSOAPMessage.toDocument: Converted SOAPMessage: <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:QuoteRequest xmlns:ns2="http://sun.com/stockquote.xsd"><Symbol>JAVA</Symbol></ns2:QuoteRequest></S:Body></S:En

Comment by bthalmayr [ 30/Mar/12 ]

According to debugger session 'com.sun.xml.messaging.saaj.soap.ver1_1.Message1_1Impl' seems to lose it.

Comment by bthalmayr [ 10/Apr/12 ]

'soapMessage.saveChanges()' needs to be called prior to 'soapMessage.writeTo(Outputstream)' if the soapMessa been manipulated somehow. Unfortunately 'soapMessage.saveRequired()' may not detect changes to the soapMessage. According to SAAJ source code 'soapMessage.getSOAPPart()' always returns a new copy of the soapPart.

Comment by bthalmayr [ 11/Apr/12 ]

Fixed with R1904

Comment by bthalmayr [ 11/Apr/12 ]

Fix had to be backed out from trunk as it has been closed for the OpenAM 10 release.

Comment by bthalmayr [ 30/Apr/12 ]

Fixed with R1948

Comment by Mark Craig [ 12/Feb/13 ]

Re-opening only to add the release-notes label.

Comment by Mark Craig [ 12/Feb/13 ]

Closing again, having added the release-notes label.

Generated at Wed Apr 05 11:55:58 BST 2017 using JIRA 7.2.2#72004-sha1:9d5132893cc8c728a3601a9034a1f8547ef5c7be.