axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Veithen (JIRA)" <j...@apache.org>
Subject [jira] [Moved] (RAMPART-403) Error constructing valid security header for a SAML policy
Date Mon, 22 Jul 2013 18:36:49 GMT

     [ https://issues.apache.org/jira/browse/RAMPART-403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andreas Veithen moved AXIS-2894 to RAMPART-403:
-----------------------------------------------

        Key: RAMPART-403  (was: AXIS-2894)
    Project: Rampart  (was: Axis)
    
> Error constructing valid security header for a SAML policy
> ----------------------------------------------------------
>
>                 Key: RAMPART-403
>                 URL: https://issues.apache.org/jira/browse/RAMPART-403
>             Project: Rampart
>          Issue Type: Bug
>            Reporter: Abdul Mujeeb
>
> The endpoint web service is deployed on weblogic with a SAML policy applied on it and
expects a SAML token, but when I use Axis + Rampart + Neethi to construct an axis2 client
for the given policy.
> <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> 	xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> 	<wsp:All>
> 		<ns1:AsymmetricBinding
> 			xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> 			<wsp:Policy>
> 				<ns1:InitiatorToken>
> 					<wsp:Policy>
> 						<ns1:X509Token
> 							ns1:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
> 							<wsp:Policy>
> 								<ns1:WssX509V3Token10 />
> 							</wsp:Policy>
> 						</ns1:X509Token>
> 					</wsp:Policy>
> 				</ns1:InitiatorToken>
> 				<ns1:RecipientToken>
> 					<wsp:Policy>
> 						<ns1:X509Token
> 							ns1:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
> 							<wsp:Policy>
> 								<ns1:WssX509V3Token10 />
> 							</wsp:Policy>
> 						</ns1:X509Token>
> 					</wsp:Policy>
> 				</ns1:RecipientToken>
> 				<ns1:AlgorithmSuite>
> 					<wsp:Policy>
> 						<ns1:Basic256 />
> 					</wsp:Policy>
> 				</ns1:AlgorithmSuite>
> 				<ns1:Layout>
> 					<wsp:Policy>
> 						<ns1:Lax />
> 					</wsp:Policy>
> 				</ns1:Layout>
> 				<ns1:IncludeTimestamp />
> 				<ns1:ProtectTokens />
> 				<ns1:OnlySignEntireHeadersAndBody />
> 			</wsp:Policy>
> 		</ns1:AsymmetricBinding>
> 		<ns2:SignedSupportingTokens
> 			xmlns:ns2="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> 			<wsp:Policy>
> 				<ns2:SamlToken
> 					ns2:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
> 					<wsp:Policy>
> 						<ns2:WssSamlV11Token10 />
> 					</wsp:Policy>
> 				</ns2:SamlToken>
> 			</wsp:Policy>
> 		</ns2:SignedSupportingTokens>
> 		<ns3:Wss10 xmlns:ns3="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> 			<wsp:Policy>
> 				<ns3:MustSupportRefKeyIdentifier />
> 				<ns3:MustSupportRefIssuerSerial />
> 			</wsp:Policy>
> 		</ns3:Wss10>
> 		<ns4:EncryptedParts
> 			xmlns:ns4="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> 			<ns4:Body />
> 		</ns4:EncryptedParts>
> 		<ns5:SignedParts
> 			xmlns:ns5="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> 			<ns5:Body />
> 		</ns5:SignedParts>
> 	</wsp:All>
> </wsp:Policy>
> The generated SOAP request doesn't include the SAML token in the SOAP message. It is
for some reason excluding signedSupportingTokens part of SAML

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message