cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Russell Orf (JIRA)" <>
Subject [jira] [Commented] (CXF-7536) STRTransform TransformException when manually adding SAML Assertion via SAMLCallback.setAssertionElement()
Date Wed, 01 Nov 2017 13:21:00 GMT


Russell Orf commented on CXF-7536:

I have confirmed that the header security blocks now reflect the desired format. This appears
to be fixed for the client side.

An unrelated issue: I'm trying to generate the Java binding classes using wsdl2java for a
SwA WSDL and getting errors. I see this issue has been reported in the past (CXF-284, CXF-1352)
and is labelled "Fixed", however a comment notes "this SwA wsdl is not supported by CXF".
Are SwA WSDLs supported by CXF? How can I generate the Java bindings for a SwA WSDL using

> STRTransform TransformException when manually adding SAML Assertion via SAMLCallback.setAssertionElement()
> ----------------------------------------------------------------------------------------------------------
>                 Key: CXF-7536
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>         Environment: Apache Tomcat 8.0.37
>            Reporter: Russell Orf
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>              Labels: security
>             Fix For: 3.1.14, 3.2.1
>         Attachments: catalina.out, service-client.war
> In Apache CXF v3.1.7, I have a JAX-WS web service client calling a service that requires
a HolderOfKey SAML Assertion. The assertions are from a custom service that does not adhere
to the WS-Trust SecureTokenService standard, so I am adding them manually in a SAMLCallbackHander,
using the callback.setAssertionElement() method.
> When invoking the client, the WSS4J framework is unable to compute the signature for
the SecurityTokenReference header block, throwing the below error:
> {{
> javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.dsig.TransformException:
org.apache.wss4j.common.ext.WSSecurityException: Referenced token "id-of-SAML-assertion" not
> at org.apache.wss4j.dom.str.STRParserUtil.getTokenElement(
> at org.apache.wss4j.dom.transform.STRTransformUtil.dereferenceSTR(
> at org.apache.wss4j.dom.transform.STRTransform.transformIt(}}
> It appears that the SAML assertion DOM Element that is added via the callback.setAssertionElement()
method is not getting searched by the STRParserUtil.getTokenElement() method.

This message was sent by Atlassian JIRA

View raw message