Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14939

Enable "org.apache.xml.security.ignoreLineBreaks=true" by default

    XMLWordPrintable

    Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 6.0.0.6, 6.5.0.1, 6.5.1, 6.5.0.2
    • 5.5.2, 7.0.0, 6.5.3
    • SAML
    • AM Sustaining Sprint 63, AM Sustaining Sprint 64
    • 2

      Description

      Problem
      Due to the use of XMLSec 2.1.x now, unless -Dorg.apache.xml.security.ignoreLineBreaks=true is set the generated SAML2 Assertions may have '#&13;' . which prior to the use of this there is no issues (say for previous AM).
      To maintain interop and better out of the box experience, it is best that this is set if the
      property is not explicitly enabled

      Many other system it seems already implement this System,setProperty("org.apache.xml.security.ignoreLineBreaks", true) just before Xmlsec Init() is called. Eg: Wss4j and Picketlink for example.

       

      Current situation:
      If any third party SP, that cannot handle exists, nearly always we need to have this switch set.

        Attachments

          Issue Links

            Activity

              People

              chee-weng.chea C-Weng C
              chee-weng.chea C-Weng C
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: