[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-user
Subject: Re: Appending a Saml Token DOM to header with WSS4J
From: Colm O hEigeartaigh <coheigea () apache ! org>
Date: 2011-06-24 11:35:08
Message-ID: BANLkTik6diy=KbVvK08D0U_Jnsbw2vFXSg () mail ! gmail ! com
[Download RAW message or body]
Hi Alexandre,
The SAMLTokenUnsignedAction is designed for the case of creating a
(unsigned) SAML Assertion and attaching it to the security header. The
use-case your are describing of obtaining a SAML Token from an STS is
different to the above scenario, and so I recommend you create a
custom Action implementation for this.
Colm.
On Fri, Jun 24, 2011 at 4:54 AM, Alexandre Beaupre
<beaupre_a@hotmail.com> wrote:
> Hi All,
>
> I have a question regarding wss4j 1.6.1.
>
> I'm trying to use the SAMLTokenUnsignedAction so that it will append a saml
> assertion DOM (retrieved from a STS) in my security header.
> The assertion is retrieved in my SAMLIssuer has an Element. The assertion
> is complete and already signed.
>
> The problem is that instead of simply appending the Element in the security
> header, I notice that wss4j
> 1) Unmarhsalled the Element as an XmlObject in the AssertionWrapper
> constructor,
> 2) "Re"marshalled the XmlObject to an Element in the toDom() method
> 3) Tries to sign the XmlObject (which always crash)
>
> Why doesn't wss4j simply append the Element Assertion as it is in the
> security header ? Is there another way to do this ?
>
> Thanks!
> Alexandre Beaupré
>
--
Colm O hEigeartaigh
http://coheigea.blogspot.com/
Talend - http://www.talend.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic