You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2013/06/26 12:12:20 UTC
[jira] [Resolved] (CXF-4457) Extend WS-SecureConversation to
support SAML Assertions for authentication
[ https://issues.apache.org/jira/browse/CXF-4457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-4457.
--------------------------------------
Resolution: Fixed
> Extend WS-SecureConversation to support SAML Assertions for authentication
> --------------------------------------------------------------------------
>
> Key: CXF-4457
> URL: https://issues.apache.org/jira/browse/CXF-4457
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Reporter: Glen Mazza
> Assignee: Colm O hEigeartaigh
> Fix For: 2.7.6
>
> Attachments: cxf-tutorial.patch
>
>
> Hi, as shown for GlassFish Metro:
> https://gist.github.com/3191480
> Support the following authentication mechanism:
> 1.) The WSC gets a SAML assertion from the STS.
> 2.) The WSC sends that SAML assertion to the WSP to get the SCT from the WSP
> 3.) All subsequent real calls for doubled numbers between WSC and WSP use the SCT and not the SAML assertion.
> Here is a Netbeans-generated WSDL for this scenario:
> https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/service/src/main/resources/DoubleItSecrConv.txt
> A sample testcase that can be used (steps to use: update WSP WSDL with the one above, run mvn clean install tomcat7:redeploy from base folder, then mvn exec:exec from client folder): https://github.com/gmazza/blog-samples/tree/master/cxf_sts_tutorial
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira