You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Martin Gainty (JIRA)" <ji...@apache.org> on 2018/07/10 12:19:00 UTC

[jira] [Created] (CXF-7786) SAML2.0 hardcoded prevents SAML1.1 assertion from working

Martin Gainty created CXF-7786:
----------------------------------

             Summary: SAML2.0 hardcoded prevents SAML1.1 assertion from working
                 Key: CXF-7786
                 URL: https://issues.apache.org/jira/browse/CXF-7786
             Project: CXF
          Issue Type: Improvement
          Components: Clustering, Configuration
    Affects Versions: 3.0.3
         Environment: Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T14:49:05-05:00)
Maven home: /maven3.5.3/bin/
Java version: 1.8.0_161, vendor: Oracle Corporation
Java home: /JDK18~1.0_1/jre
Default locale: en_US, platform encoding: Cp1252

  cxf version=3.0.3
            Reporter: Martin Gainty


public class SamlCallbackHandler implements CallbackHandler {
 private boolean saml2 = true; //SAML 2.0 hard coded to true prevents SAML 1.1 assert

 

.\systests\ws-security\target\test-classes\org\apache\cxf\systest\ws\saml\client.xml

//you can see where SAML1.1 SupportingTokens is commented out
<!--
 <sp:SupportingTokens>
 <wsp:Policy>
 <sp:SamlToken
 sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
 <wsp:Policy>
 <sp:WssSamlV11Token11/>
 </wsp:Policy>
 </sp:SamlToken>
 </wsp:Policy>
 </sp:SupportingTokens>
 -->



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)