Bug 6568 - XACML callout does not deny with unknown obligations
: XACML callout does not deny with unknown obligations
Status: NEW
: Java WS Security
Authorization
: 4.2.1
: PC Windows XP
: P3 normal
: ---
Assigned To:
:
: OSG/EGEE_Authz_Interop
:
:
  Show dependency treegraph
 
Reported: 2008-12-10 16:30 by
Modified: 2008-12-10 16:30 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2008-12-10 16:30:57
Currently if an obligation handler is not configured for an obligation id, it
is ignored. The decision is based on the decision returned by service and
processing of the configured obligation handlers without errors.

This should be fixed such that a deny decision is returned if any of the
obligations received from the authorization service are not "understood".