You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Martin Gainty (JIRA)" <ji...@apache.org> on 2018/07/10 12:19:00 UTC
[jira] [Created] (CXF-7786) SAML2.0 hardcoded prevents SAML1.1
assertion from working
Martin Gainty created CXF-7786:
----------------------------------
Summary: SAML2.0 hardcoded prevents SAML1.1 assertion from working
Key: CXF-7786
URL: https://issues.apache.org/jira/browse/CXF-7786
Project: CXF
Issue Type: Improvement
Components: Clustering, Configuration
Affects Versions: 3.0.3
Environment: Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T14:49:05-05:00)
Maven home: /maven3.5.3/bin/
Java version: 1.8.0_161, vendor: Oracle Corporation
Java home: /JDK18~1.0_1/jre
Default locale: en_US, platform encoding: Cp1252
cxf version=3.0.3
Reporter: Martin Gainty
public class SamlCallbackHandler implements CallbackHandler {
private boolean saml2 = true; //SAML 2.0 hard coded to true prevents SAML 1.1 assert
.\systests\ws-security\target\test-classes\org\apache\cxf\systest\ws\saml\client.xml
//you can see where SAML1.1 SupportingTokens is commented out
<!--
<sp:SupportingTokens>
<wsp:Policy>
<sp:SamlToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssSamlV11Token11/>
</wsp:Policy>
</sp:SamlToken>
</wsp:Policy>
</sp:SupportingTokens>
-->
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)