cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CXF-3243) SAML 2.0 CallBackHandler support
Date Wed, 12 Jan 2011 16:39:48 GMT

    [ https://issues.apache.org/jira/browse/CXF-3243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12980792#action_12980792
] 

Colm O hEigeartaigh commented on CXF-3243:
------------------------------------------


I'm porting WSS4J to use Opensaml2 at the moment. WSS4J 1.6 will have the ability to easily
construct SAML 1.1 and 2 assertions via a CallbackHandler implementation, e.g.:

https://svn.apache.org/repos/asf/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java

We can leave this JIRA open to add support for specifying the CallbackHandler in CXF config.

Colm.

> SAML 2.0 CallBackHandler support
> --------------------------------
>
>                 Key: CXF-3243
>                 URL: https://issues.apache.org/jira/browse/CXF-3243
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>    Affects Versions: 2.3.1
>         Environment: Windows XP, Apache Tomcat 7.0, CXF 2.3.1
>            Reporter: David Morris
>
> Need a SAML2.0 CallbackHandler to be supported in WSS4J for CXF. (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor
class).
> Developed a 'hack' in org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor to call a
'custom' SAML2.0 CallbackHandler.  This code works for now but would like a better implementation
configurable in CXF+Spring similar to the WSPassword. I am researching for a better implementation
via the CXF source code.
> Suggestion:
> Have the SAMLCallback (SAML1.0 & SAML2.0) configurable in CXF + Spring similar to
the WSPasswordCallback.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message