Re: SAML 2.0

[Andrea Poli <ap...@link.it>]

On 04/28/2010 02:24 PM, Thomas Koenig wrote:
> Since the patch uses features of Java 1.5 I had to modify the
> wss4j/build.xml file. You also have to copy opensaml-2.3.1.jar and its
> dependencies (look at opensaml-2.3.1/pom.xml) into the wss4j/lib directory.
>
> Doing this I successfully build a wss4j-1.5.8-patchSAML2.jar file, but
> haven't tested it yet.
>    

Thanks for the suggestion, I applied the patch successfully.
I have tested it, too.

I did the following tests (both for SAML 1.1 and for SAML 2.0):
1. SAMLUnsigned
2. SAMLSigned with confirmationMethod=senderVouches and 
xml.signature.spec=wss
3. SAMLSigned with confirmationMethod=keyHolder and xml.signature.spec=wss
4. SAMLSigned with confirmationMethod=senderVouches and 
xml.signature.spec=saml
5. SAMLSigned with confirmationMethod=keyHolder and xml.signature.spec=saml

You found the configurations of the tests attached.
Only the tests 1,2,4 have perfectly succeeded.
The tests 3 and 5 fail. These tests contain a configuration: 
confirmationMethod=keyHolder

NOTE: After having modified the sources with the patch 
wss4j-1.5.8-saml.patch (https://issues.apache.org/jira/browse/WSS-146) I 
have modified again them.
You found the patch attached: wss4j-1.5.8-saml-ext.patch

Can you confirm me that this last patch correctly works?

Could you suggest me a solution for the tests with 
confirmationMethod=keyHolder ?

Andrea.