Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2022/05/31 08:02:00 UTC

[jira] [Assigned] (CXF-8567) AdviceBean in CXF STS using SAMLTokenProvider

     [ https://issues.apache.org/jira/browse/CXF-8567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh reassigned CXF-8567:
----------------------------------------

    Assignee: Colm O hEigeartaigh

> AdviceBean in CXF STS using SAMLTokenProvider
> ---------------------------------------------
>
>                 Key: CXF-8567
>                 URL: https://issues.apache.org/jira/browse/CXF-8567
>             Project: CXF
>          Issue Type: New Feature
>          Components: JAX-WS Runtime, STS
>    Affects Versions: 3.4.4
>            Reporter: subigre
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>
> In the context of a new project, I need to implement an STS that generates some SAML tokens for users already authenticated.
> As a result, the SAML assertion returned by the STS must contain a reference to the SAML assertion sent in the request.
>  
> {code:java}
> <saml2:Assertion ID="_78a4e4c6-d394-4c18-89da-7f9eb82dc517" IssueInstant="2021-07-22T21:02:16.176Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>     ...
>     <saml2:Subject>
>         <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">fPzBicjKXtADawasyp1d1w==</saml2:NameID>
>         <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
>     </saml2:Subject>
>     <saml2:Conditions NotBefore="2021-07-13T12:07:58.417Z" NotOnOrAfter="2021-07-13T14:07:58.417Z"/>
>     <saml2:Advice>
>         <saml2:AssertionIDRef>_2c84dd7b-728c-4a35-95ed-dc36aeda731e</saml2:AssertionIDRef>
>     </saml2:Advice>
>     <saml2:AuthnStatement AuthnInstant="2021-07-13T12:07:58.417Z">
>         <saml2:AuthnContext>
>             <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</saml2:AuthnContextClassRef>
>         </saml2:AuthnContext>
>     </saml2:AuthnStatement>
>     ...
> </saml2:Assertion>
> {code}
>  
> Currently, I implement my own providers using the following interfaces to populate/customize the rest of the SAML assertion:
>  * {{AttributeStatementProvider}}
>  * {{AuthDecisionStatementProvider}}
>  * {{AuthenticationStatementProvider}}
>  * {{ConditionsProvider}}
> However, I do not find a mechanism to populate the {{AdviceBean}}.
>  



--
This message was sent by Atlassian Jira
(v8.20.7#820007)