cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (Resolved) (JIRA)" <>
Subject [jira] [Resolved] (CXF-3225) Add support for saml tokens in sp:InitiatorToken
Date Tue, 01 Nov 2011 17:11:34 GMT


Colm O hEigeartaigh resolved CXF-3225.

    Resolution: Fixed

This is now fixed and a test has been added to the CXF system tests.

> Add support for saml tokens in sp:InitiatorToken
> ------------------------------------------------
>                 Key: CXF-3225
>                 URL:
>             Project: CXF
>          Issue Type: New Feature
>          Components: WS-* Components
>    Affects Versions: 2.3.1
>            Reporter: Willem Salembier
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.4.4, 2.5.1
> Currently CXF does not support SAML tokens to be used as InitiatorToken in Asymmetric
bindings, where as the certificate referred to in the SAML assertion signs the message content
(eg SAML Holder of Key scenarios).
> chapter 6 Scenario #4 - Holder-of-Key (p28)
> chapter (WSS1.0) SAML10 Holder of Key, Sign, Optional Encrypt
> When the <sp:InitiatorToken> contains an <sp:IssuedToken> or a <sp:SamlToken>
instead of <sp:WssX509V3Token10>, CXF signs the request and adds a BST by default. CXF
does not ask for a SAML token and it is impossible to construct a message signature which
SignatureTokenReference contains a reference to the SAML assertion (
>    <wsse:SecurityTokenReference wsu:id="STR1">
>     <wsse:KeyIdentifier wsu:id="..."
>       ValueType="">
>       _a75adf55-01d7-40cc-929f-dbd8372ebdfc
>     </wsse:KeyIdentifier>	
>    </wsse:SecurityTokenReference>

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message