You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Colm O hEigeartaigh (Created) (JIRA)" <ji...@apache.org> on 2012/03/06 13:26:58 UTC
[jira] [Created] (WSS-354) Add support for specifying different
algs for sign or c14n a SAML Assertion in the streaming code.
Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--------------------------------------------------------------------------------------------------
Key: WSS-354
URL: https://issues.apache.org/jira/browse/WSS-354
Project: WSS4J
Issue Type: Sub-task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: 2.0
Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[jira] [Resolved] (WSS-354) Add support for specifying different
algs for sign or c14n a SAML Assertion in the streaming code.
Posted by "Marc Giger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marc Giger resolved WSS-354.
----------------------------
Resolution: Fixed
Assignee: Marc Giger (was: Colm O hEigeartaigh)
resolved in r1408300.
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
> --------------------------------------------------------------------------------------------------
>
> Key: WSS-354
> URL: https://issues.apache.org/jira/browse/WSS-354
> Project: WSS4J
> Issue Type: Sub-task
> Reporter: Colm O hEigeartaigh
> Assignee: Marc Giger
> Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[jira] [Commented] (WSS-354) Add support for specifying different
algs for sign or c14n a SAML Assertion in the streaming code.
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493918#comment-13493918 ]
Colm O hEigeartaigh commented on WSS-354:
-----------------------------------------
Yep, assuming the SAMLCallback algorithms have sensible defaults.
Colm.
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
> --------------------------------------------------------------------------------------------------
>
> Key: WSS-354
> URL: https://issues.apache.org/jira/browse/WSS-354
> Project: WSS4J
> Issue Type: Sub-task
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[jira] [Commented] (WSS-354) Add support for specifying different
algs for sign or c14n a SAML Assertion in the streaming code.
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493859#comment-13493859 ]
Colm O hEigeartaigh commented on WSS-354:
-----------------------------------------
Hi Marc,
Yep I think it makes sense to allow the user to specify the signature and c14n algorithms via SAMLCallback for both DOM & StAX. Even though you're correct in saying that the DOM code doesn't allow you to set the sig/c14n algorithm via the Action, the "Actions" are not really used much any more. The point is more that the WS-SecurityPolicy layer in a third party application like Apache CXF can set the algorithms directly on the AssertionWrapper.
Colm.
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
> --------------------------------------------------------------------------------------------------
>
> Key: WSS-354
> URL: https://issues.apache.org/jira/browse/WSS-354
> Project: WSS4J
> Issue Type: Sub-task
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[jira] [Commented] (WSS-354) Add support for specifying different
algs for sign or c14n a SAML Assertion in the streaming code.
Posted by "Marc Giger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493064#comment-13493064 ]
Marc Giger commented on WSS-354:
--------------------------------
Hi Colm,
The StAX code uses the same API as the DOM code does. So if you specify SAML_TOKEN_SIGNED as an outbound
action (DOM & StAX) the following code will be executed and the standard algorithm will be applied:
if (samlCallback.isSignAssertion()) {
samlAssertionWrapper.signAssertion(
samlCallback.getIssuerKeyName(),
samlCallback.getIssuerKeyPassword(),
samlCallback.getIssuerCrypto(),
samlCallback.isSendKeyValue()
);
}
If you want other algo's you have to build the SAML Assertion yourself and handover it via SAMLCallback (DOM & StAX).
An improvement could/would be for the users if we allow to set custom algo's via SAMLCallback so that the users don't have to build the whole assertion manually just to specify different algo's.
Please advice:-)
Marc
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
> --------------------------------------------------------------------------------------------------
>
> Key: WSS-354
> URL: https://issues.apache.org/jira/browse/WSS-354
> Project: WSS4J
> Issue Type: Sub-task
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[jira] [Commented] (WSS-354) Add support for specifying different
algs for sign or c14n a SAML Assertion in the streaming code.
Posted by "Marc Giger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493908#comment-13493908 ]
Marc Giger commented on WSS-354:
--------------------------------
Hi Colm,
If I understand you correctly the following code should resolve this issue?:
if (samlCallback.isSignAssertion()) {
samlAssertionWrapper.signAssertion(
samlCallback.getIssuerKeyName(),
samlCallback.getIssuerKeyPassword(),
samlCallback.getIssuerCrypto(),
samlCallback.isSendKeyValue(),
samlCallback.getCanonicalizationAlgorithm(),
samlCallback.getSignatureAlgorithm()
);
}
Thanks,
Marc
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
> --------------------------------------------------------------------------------------------------
>
> Key: WSS-354
> URL: https://issues.apache.org/jira/browse/WSS-354
> Project: WSS4J
> Issue Type: Sub-task
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org