[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    Re: Appending a Saml Token DOM to header with WSS4J
From:       Colm O hEigeartaigh <coheigea () apache ! org>
Date:       2011-06-24 11:35:08
Message-ID: BANLkTik6diy=KbVvK08D0U_Jnsbw2vFXSg () mail ! gmail ! com
[Download RAW message or body]

Hi Alexandre,

The SAMLTokenUnsignedAction is designed for the case of creating a
(unsigned) SAML Assertion and attaching it to the security header. The
use-case your are describing of obtaining a SAML Token from an STS is
different to the above scenario, and so I recommend you create a
custom Action implementation for this.

Colm.

On Fri, Jun 24, 2011 at 4:54 AM, Alexandre Beaupre
<beaupre_a@hotmail.com> wrote:
> Hi All,
>
> I have a question regarding wss4j 1.6.1.
>
> I'm trying to use the SAMLTokenUnsignedAction so that it will append a saml
> assertion DOM (retrieved from a STS) in my security header.
> The assertion is retrieved in my SAMLIssuer has an Element.  The assertion
> is complete and already signed.
>
> The problem is that instead of simply appending the Element in the security
> header, I notice that wss4j
> 1) Unmarhsalled the Element as an XmlObject in the AssertionWrapper
> constructor,
> 2) "Re"marshalled the XmlObject to an Element in the toDom() method
> 3) Tries to sign the XmlObject (which always crash)
>
> Why doesn't wss4j simply append the Element Assertion as it is in the
> security header ?  Is there another way to do this ?
>
> Thanks!
> Alexandre Beaupré
>



-- 
Colm O hEigeartaigh

http://coheigea.blogspot.com/
Talend - http://www.talend.com

[prev in list] [next in list] [prev in thread] [next in thread]