Release NotesKnown IssuesGeneral Issues › WS-Security SAML 1.1 Holder of Key Assertion Not Accepted More Than Once (97266)

Previous Topic: Responses Configured to Generate Signed SAML Session Tickets Using Public Key Obtained from XML Digital Signature Authentication Produce Unsigned SAML Session Tickets (98865)

Next Topic: Signing Not Working for SAML Session Tickets in SOAP Envelope (74036)

WS-Security SAML 1.1 Holder of Key Assertion Not Accepted More Than Once (97266)

SOA Security Manager does not accept a WS-Security SAML 1.1 holder of key assertion token more than once; SAML 1.1 holder of key tokens cannot therefore be used in use cases where replay is required.

Workaround

SAML 2.0 holder of key tokens work as expected and can be used in to implement use cases in which replay is required.

Copyright © 2009 CA. All rights reserved. Email CA about this topic