You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by "Marc Giger (JIRA)" <ji...@apache.org> on 2012/11/08 10:34:11 UTC

[jira] [Commented] (WSS-354) Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.

    [ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493064#comment-13493064 ] 

Marc Giger commented on WSS-354:
--------------------------------

Hi Colm,

The StAX code uses the same API as the DOM code does. So if you specify SAML_TOKEN_SIGNED as an outbound
action (DOM & StAX) the following code will be executed and the standard algorithm will be applied:

if (samlCallback.isSignAssertion()) {
                samlAssertionWrapper.signAssertion(
                        samlCallback.getIssuerKeyName(),
                        samlCallback.getIssuerKeyPassword(),
                        samlCallback.getIssuerCrypto(),
                        samlCallback.isSendKeyValue()
                );
            }

If you want other algo's you have to build the SAML Assertion yourself and handover it via SAMLCallback (DOM & StAX).

An improvement could/would be for the users if we allow to set custom algo's via SAMLCallback so that the users don't have to build the whole assertion manually just to specify different algo's.

Please advice:-)

Marc
                
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
> --------------------------------------------------------------------------------------------------
>
>                 Key: WSS-354
>                 URL: https://issues.apache.org/jira/browse/WSS-354
>             Project: WSS4J
>          Issue Type: Sub-task
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org