Posted to rampart-dev@ws.apache.org by "Thilina Buddhika (JIRA)" <ji...@apache.org> on 2009/06/18 06:07:07 UTC

[jira] Created: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Implementing the SAML 2.0 support in Rampart
--------------------------------------------

                 Key: RAMPART-231
                 URL: https://issues.apache.org/jira/browse/RAMPART-231
             Project: Rampart
          Issue Type: New Feature
          Components: rampart-trust
    Affects Versions: 1.4
            Reporter: Thilina Buddhika
            Assignee: Ruchith Udayanga Fernando


Currently Rampart only supports the previous versions of SAML, but not SAML 2.0. But having the support for SAML 2.0 is vital and it will benefit the Rampart users a lot. So it will be great to have SAML 2.0 support in Rampart.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Rampart2 1.4 Setting to set transport level user different than message level user

Posted by Sumit Shah <Su...@cgifederal.com>.
Hello,

I am trying to find out a config setting to set transport level user
different than the message level user. 


What I have is the following scenario:

1. I have a service call that uses a no-auth privileges user as the
transport level user.
2. I set the actual business user in the Message level security in the
WSSecurity header as a UsernameToken. 


Rampart is able to correctly authenticate the message level user, but
the transport level user gets passed down to the business logic which
fails authorization. 

Is there a way to pass the message level user instead of the transport
level user to the business logic?

Thanks
Sumit


SAMPLE SOAP Request


<soap:Envelope xmlns:acc="http://impl.webservices.ams.com"
               xmlns:ref="http://ref.sr.domain.com/"
               xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
   <soap:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsu:Timestamp wsu:Id="Timestamp-12"
                        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2009-08-11T19:36:20Z</wsu:Created>
            <wsu:Expires>2009-08-11T19:53:00Z</wsu:Expires>
         </wsu:Timestamp>
         <wsse:UsernameToken wsu:Id="UsernameToken-11"
                             xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:Username>sumitshah</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXX</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
      <acc:review>
         <acc:Select>
            <ref:name>cp0805a</ref:name>
         </acc:Select>
      </acc:review>
   </soap:Body>
</soap:Envelope>

[jira] Resolved: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nandana Mihindukulasooriya resolved RAMPART-231.
------------------------------------------------

    Resolution: Fixed

Applied the patch to both the trunk and 1.5 branch in revisions 808564 and 808569. Thanks Thilina. SAML 2.0 support will be available in the Rampart 1.5 release. 

thanks,
Nandana


[jira] Issue Comment Edited: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12746458#action_12746458 ] 

Thilina Buddhika edited comment on RAMPART-231 at 8/22/09 6:51 AM:
-------------------------------------------------------------------

I am attaching the patch containing the modifications as per my last comment. Please ignore the rampart.patch and rampart-modified.patch.

Thanks.
/thilina

      was (Author: thilinamb):
    I attaching the patch containing the modifications as per my last comment. Please ignore the rampart.patch and rampart-modified.patch.

Thanks.
/thilina
  

[jira] Commented: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12757014#action_12757014 ] 

Thilina Buddhika commented on RAMPART-231:
------------------------------------------

Hi all,

In this patch I am adding a new dependency for OpenSAML 2, while keeping the OpenSAML 1.1 dependency as it is. This is due to the fact that OpenSAML 2.x is not backward compatible with OpenSAML 1.x. So in order to maintain the SAML 1.1 support in Rampart we have to keep this OpenSAML 1.1 dependency unchanged until we modify the existing SAML 1.1 implementation to use OpenSAML 2.x libraries. 

Thanks.
/thilina


[jira] Updated: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nandana Mihindukulasooriya updated RAMPART-231:
-----------------------------------------------

    Fix Version/s: 1.5


[jira] Commented: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Jesse Pangburn (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12849564#action_12849564 ] 

Jesse Pangburn commented on RAMPART-231:
----------------------------------------

Hi,
I tested this with the patch Thilina submitted to WSS4J #204, and while that patch does seem to validate that there's a SAML 2 token there (and checks the digital signatures apparently), I'm confused how it's supposed to verify it's the right token.

I modified the Sample08 you provided to have a SupportingTokens element with this content:
...
           <sp:Issuer>
               <Address xmlns="http://www.w3.org/2005/08/addressing">SAMPLE_STS1</Address>
           </sp:Issuer>
           <sp:RequestSecurityTokenTemplate>
              <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">urn:oasis:names:tc:SAML:2.0:assertion</t:TokenType>
              <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType>
              <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
           </sp:RequestSecurityTokenTemplate>
...

I know this was read with original WSS4J 1.5.8 because it would always fail if the SupportingTokens element was present. After I used your patch on WSS4J, then it was successful. So I changed the issuer to "SAMPLE_STS1" to see if it would throw an error because the issuer is "SAMPLE_STS", but sadly it does not. It also does not care if you change the TokenType to "2.1" or something. In the PolicyBasedResultsValidator.java I see this relevant section:

            } else if ( token instanceof IssuedToken ) {
                //TODO is is enough to check for ST_UNSIGNED results ??
                WSSecurityEngineResult samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
                if(samlResult == null) {
                    throw new RampartException("samlTokenMissing");
                }

It has the SupportingTokens element at this point.  In the debugger I see the "SAMPLE_STS1" in the issuer element in the token variable, and I see the content in the actual token "SAMPLE_STS" in samlresult variable.  But it doesn't do any check to see if this or other fields match.  Is that supposed to happen here from your "TODO" comment?

Also, if this is the wrong place to post this, please excuse me and delete the comment :-)

thanks,
Jesse
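
The check Jesse's comment asks about, sketched as an added example (not Rampart or WSS4J code, and not from the thread): compare the issuer address and TokenType that the policy expects with the SAML 2.0 assertion actually received. It uses only JDK DOM classes; the `sp` namespace URI, the `sp:IssuedToken` wrapper, the sample assertion and all class and method names are assumptions constructed for illustration, and the TokenType is compared with the assertion's namespace because that is the value the quoted policy uses.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

// Added illustration using JDK classes only; not Rampart or WSS4J code.
public class IssuedTokenPolicyCheck {
    static final String WSA = "http://www.w3.org/2005/08/addressing";
    static final String WST = "http://schemas.xmlsoap.org/ws/2005/02/trust";
    static final String SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion";

    static Element parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so an untrusted token cannot use entities (XXE).
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
    }

    // Text of the first matching descendant (used for the policy fragment).
    static String descendantText(Element scope, String ns, String local) {
        NodeList hits = scope.getElementsByTagNameNS(ns, local);
        return hits.getLength() == 0 ? null : hits.item(0).getTextContent().trim();
    }

    // Text of a direct child only, so an Issuer nested deeper in the token is ignored.
    static String childText(Element parent, String ns, String local) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n instanceof Element && ns.equals(n.getNamespaceURI())
                    && local.equals(n.getLocalName())) {
                return n.getTextContent().trim();
            }
        }
        return null;
    }

    // Call this only after the assertion's signature has been verified against a
    // key trusted for that issuer; before that, the Issuer text is unauthenticated.
    static List<String> mismatches(Element policy, Element assertion) {
        List<String> problems = new ArrayList<>();
        String wantIssuer = descendantText(policy, WSA, "Address");
        String wantType = descendantText(policy, WST, "TokenType");
        String gotIssuer = childText(assertion, SAML2, "Issuer");
        if (wantIssuer != null && !wantIssuer.equals(gotIssuer)) {
            problems.add("issuer: policy expects '" + wantIssuer
                    + "', token has '" + gotIssuer + "'");
        }
        boolean isAssertion = "Assertion".equals(assertion.getLocalName());
        if (wantType != null
                && !(isAssertion && wantType.equals(assertion.getNamespaceURI()))) {
            problems.add("token type: policy expects '" + wantType
                    + "', token is {" + assertion.getNamespaceURI() + "}"
                    + assertion.getLocalName());
        }
        return problems;
    }

    // Constructed policy fragment modelled on the SupportingTokens content quoted above.
    static String policy(String issuer, String tokenType) {
        return "<sp:IssuedToken xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>"
             + "<sp:Issuer><Address xmlns='" + WSA + "'>" + issuer + "</Address></sp:Issuer>"
             + "<sp:RequestSecurityTokenTemplate>"
             + "<t:TokenType xmlns:t='" + WST + "'>" + tokenType + "</t:TokenType>"
             + "</sp:RequestSecurityTokenTemplate></sp:IssuedToken>";
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the token issued by the sample STS.
        Element token = parse("<saml2:Assertion xmlns:saml2='" + SAML2
                + "' Version='2.0' ID='_constructed'>"
                + "<saml2:Issuer>SAMPLE_STS</saml2:Issuer></saml2:Assertion>");
        // Policy that agrees with the token.
        System.out.println(mismatches(parse(policy("SAMPLE_STS", SAML2)), token));
        // The two changes described in the comment: altered issuer, altered TokenType.
        System.out.println(mismatches(parse(policy("SAMPLE_STS1", SAML2)), token));
        System.out.println(mismatches(
                parse(policy("SAMPLE_STS", "urn:oasis:names:tc:SAML:2.1:assertion")), token));
    }
}
```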



[jira] Commented: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12740203#action_12740203 ] 

Nandana Mihindukulasooriya commented on RAMPART-231:
----------------------------------------------------

Thanks a lot Thilina for the contribution and it will be a great addition to Rampart 1.5 release. We are planning to go with WSS4J 1.5.8 release, so we might probably not be able to have the WSS4J changes in the Rampart 1.5.8 release. So the SAML2 Token issuer will not require any change in WSS4J according to my understanding, am I correct? In that case, we will only be able to get the SAML2 issuer for Rampart 1.5. I will go through the patch and let's decide how we should proceed.

regards,
Nandana 


[jira] Closed: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thilina Buddhika closed RAMPART-231.
------------------------------------


Thanks a lot Nandana.

/ thilina


[jira] Assigned: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nandana Mihindukulasooriya reassigned RAMPART-231:
--------------------------------------------------

    Assignee: Nandana Mihindukulasooriya  (was: Ruchith Udayanga Fernando)


[jira] Updated: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thilina Buddhika updated RAMPART-231:
-------------------------------------

    Attachment: rampart-final.patch

I am attaching the patch containing the modifications as per my last comment. Please ignore the rampart.patch and rampart-modified.patch.

Thanks.
/thilina


[jira] Updated: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thilina Buddhika updated RAMPART-231:
-------------------------------------

    Attachment: rampart-modified.patch

Some improvements are done to the patch and modified patch is attached herewith. Please ignore the previous patch (rampart.patch) and consider the latest patch (rampart-modified.patch).

Thanks.
/thilina


[jira] Commented: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12741180#action_12741180 ] 

Thilina Buddhika commented on RAMPART-231:
------------------------------------------

Yes. SAML2 Issuer code does not have any dependencies on WSS4J. Only the SAML2.0 validation logic is implemented in WSS4J. So without those changes in WSS4J, it should be possible to issue a SAML 2.0 token.

Thanks.
/thilina.


[jira] Updated: (RAMPART-231) Implementing the SAML 2.0 support in Rampart

Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/RAMPART-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thilina Buddhika updated RAMPART-231:
-------------------------------------

    Attachment: rampart.patch

With the attached patch, the SAML 2.0 support for Rampart will be available. This patch contains the code that is used to generate SAML 2.0 tokens complying with the SAML Token profile v1.1.

For the validation part of an SAML 2.0 assertion, I have submitted a patch to the WSS4J under the WSS-204.
