JDK-6713838 : JSR 105 DOMCryptoContext.setIdAttributeNS not working when validating signatures
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 6
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: solaris_10
  • CPU: sparc
  • Submitted: 2008-06-12
  • Updated: 2012-10-23
  • Resolved: 2008-09-03
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6
6u10 b31Fixed
Description
Some users have been hitting this bug with JDK 6. It has already been fixed in the 
Apache XMLSec implementation (see https://issues.apache.org/bugzilla/show_bug.cgi?id=39273)
but needs to be patched in JDK 6.

Comments
EVALUATION This bug can cause applications that validate XML Signatures to fail. It has been reported when validating signed SAML assertions, which is a web services security feature supported by our products such as AccessManager. This is a pretty serious bug without an obvious workaround. It is an easy, low risk fix and it has already been fixed in the Apache XMLSec code.
11-08-2008

EVALUATION Yes, this is a bug that should be fixed.
06-08-2008