Return-Path: X-Original-To: apmail-cxf-issues-archive@www.apache.org Delivered-To: apmail-cxf-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D397D76F7 for ; Tue, 1 Nov 2011 17:11:59 +0000 (UTC) Received: (qmail 72130 invoked by uid 500); 1 Nov 2011 17:11:59 -0000 Delivered-To: apmail-cxf-issues-archive@cxf.apache.org Received: (qmail 72058 invoked by uid 500); 1 Nov 2011 17:11:59 -0000 Mailing-List: contact issues-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list issues@cxf.apache.org Received: (qmail 72026 invoked by uid 99); 1 Nov 2011 17:11:59 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Nov 2011 17:11:59 +0000 X-ASF-Spam-Status: No, hits=-2001.2 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Nov 2011 17:11:55 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 11B9832C1CF for ; Tue, 1 Nov 2011 17:11:34 +0000 (UTC) Date: Tue, 1 Nov 2011 17:11:34 +0000 (UTC) From: "Colm O hEigeartaigh (Resolved) (JIRA)" To: issues@cxf.apache.org Message-ID: <830579849.46474.1320167494073.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <4138971.80441293790905534.JavaMail.jira@thor> Subject: [jira] [Resolved] (CXF-3225) Add support for saml tokens in sp:InitiatorToken MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/CXF-3225?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-3225. -------------------------------------- Resolution: Fixed This is now fixed and a test has been added to the CXF system tests. Colm. > Add support for saml tokens in sp:InitiatorToken > ------------------------------------------------ > > Key: CXF-3225 > URL: https://issues.apache.org/jira/browse/CXF-3225 > Project: CXF > Issue Type: New Feature > Components: WS-* Components > Affects Versions: 2.3.1 > Reporter: Willem Salembier > Assignee: Colm O hEigeartaigh > Fix For: 2.4.4, 2.5.1 > > > Currently CXF does not support SAML tokens to be used as InitiatorToken in Asymmetric bindings, where as the certificate referred to in the SAML assertion signs the message content (eg SAML Holder of Key scenarios). > chapter 6 Scenario #4 - Holder-of-Key (p28) > http://www.oasis-open.org/committees/download.php/23071/ws-sp-usecases-examples-draft-11-03.doc > chapter 2.3.1.5 (WSS1.0) SAML10 Holder of Key, Sign, Optional Encrypt > http://www.oasis-open.org/committees/download.php/7702/wss-saml-interop1-draft-12.doc > When the contains an or a instead of , CXF signs the request and adds a BST by default. CXF does not ask for a SAML token and it is impossible to construct a message signature which SignatureTokenReference contains a reference to the SAML assertion (http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID) > > ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID"> > _a75adf55-01d7-40cc-929f-dbd8372ebdfc > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira