Posted to dev@ws.apache.org by "Zsolt Fatér (JIRA)" <ji...@apache.org> on 2018/02/08 15:41:00 UTC

[jira] [Comment Edited] (WSS-622) from SAMLCallback no possible setting SAML2 SubjectConfirmation.NameID

    [ https://issues.apache.org/jira/browse/WSS-622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16357059#comment-16357059 ] 

Zsolt Fatér edited comment on WSS-622 at 2/8/18 3:40 PM:
---------------------------------------------------------

I am missing the Envelope/Header/Security/Assertion/Subject/SubjectConfirmation/NameID

Here is an example:
{code:xml}
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
      <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_a01e102a-93f8-4f80-830b-14935b65b452" IssueInstant="2018-02-08T14:57:57.069Z" Version="2.0" xsi:type="saml2:AssertionType">
        <saml2:Issuer>anyk</saml2:Issuer>
        <saml2:Subject>
          <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" NameQualifier="subjectNameQualifier">subjectNameQualifierValue</saml2:NameID>
          <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
            <!-- I am missing this part -->
            <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" NameQualifier="confirmationNameQualifier">confirmationNameQualifier</saml2:NameID>
          </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2018-02-08T14:57:57.070Z" NotOnOrAfter="2018-02-08T15:02:57.070Z"/>
      </saml2:Assertion>
    </wsse:Security>
  </soap:Header>
  <soap:Body>
    <ns3:dataRequest xmlns:ns3="namespace" />
  </soap:Body>
</soap:Envelope>
{code}
I have attached a patch, which solved my problem. The patch is based on the wss4j 2.2.1 version.

_Edited_

I made a pull request on GitHub: https://github.com/apache/wss4j/pull/9



> from SAMLCallback no possible setting SAML2 SubjectConfirmation.NameID 
> -----------------------------------------------------------------------
>
>                 Key: WSS-622
>                 URL: https://issues.apache.org/jira/browse/WSS-622
>             Project: WSS4J
>          Issue Type: Wish
>          Components: WSS4J Handlers
>    Affects Versions: 2.2.0
>            Reporter: Zsolt Fatér
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>         Attachments: WSS4J_WSS-622_from_SAMLCallback_no_passible_setting_SAML2_SubjectConfirmation_NameID.patch
>
>
> In the SAMLCallback class it isn't possible to set the SAML2 SubjectConfirmation class NameID attribute.
> It would be good if the setting were the same as the SubjectConfirmationData setting.


