cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Glen Mazza (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CXF-4457) Extend WS-SecureConversation to support SAML Assertions for authentication
Date Mon, 10 Jun 2013 20:32:21 GMT

     [ https://issues.apache.org/jira/browse/CXF-4457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Glen Mazza updated CXF-4457:
----------------------------

    Description: 
Hi, as shown for GlassFish Metro:
https://gist.github.com/3191480 

Support the following authentication mechanism:
1.) The WSC gets a SAML assertion from the STS.
2.) The WSC sends that SAML assertion to the WSP to get the SCT from the WSP
3.) All subsequent real calls for doubled numbers between WSC and WSP use the SCT and not
the SAML assertion.

Here is a Netbeans-generated WSDL for this scenario:
https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/service/src/main/resources/DoubleItSecrConv.txt

A sample testcase that can be used (steps to use: update WSP WSDL with the one above, run
mvn clean install tomcat7:redeploy from base folder, then mvn exec:exec from client folder):
https://github.com/gmazza/blog-samples/tree/master/cxf_sts_tutorial

  was:
Hi, as shown for GlassFish Metro:
https://gist.github.com/3191480 

Support the following authentication mechanism:
1.) The WSC gets a SAML assertion from the STS.
2.) The WSC sends that SAML assertion to the WSP to get the SCT from the WSP
3.) All subsequent real calls for doubled numbers between WSC and WSP use the SCT and not
the SAML assertion.

Here is a Netbeans-generated WSDL for this scenario:
https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/service/src/main/resources/DoubleItSecrConv.txt

A sample testcase that can be used (steps to use: update WSP WSDL with the one above, run
mvn clean install from base folder, then mvn exec:exec from client folder): https://github.com/gmazza/blog-samples/tree/master/cxf_sts_tutorial

    
> Extend WS-SecureConversation to support SAML Assertions for authentication
> --------------------------------------------------------------------------
>
>                 Key: CXF-4457
>                 URL: https://issues.apache.org/jira/browse/CXF-4457
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>            Reporter: Glen Mazza
>
> Hi, as shown for GlassFish Metro:
> https://gist.github.com/3191480 
> Support the following authentication mechanism:
> 1.) The WSC gets a SAML assertion from the STS.
> 2.) The WSC sends that SAML assertion to the WSP to get the SCT from the WSP
> 3.) All subsequent real calls for doubled numbers between WSC and WSP use the SCT and
not the SAML assertion.
> Here is a Netbeans-generated WSDL for this scenario:
> https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/service/src/main/resources/DoubleItSecrConv.txt
> A sample testcase that can be used (steps to use: update WSP WSDL with the one above,
run mvn clean install tomcat7:redeploy from base folder, then mvn exec:exec from client folder):
https://github.com/gmazza/blog-samples/tree/master/cxf_sts_tutorial

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message