You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2022/05/31 08:02:00 UTC
[jira] [Assigned] (CXF-8567) AdviceBean in CXF STS using SAMLTokenProvider
[ https://issues.apache.org/jira/browse/CXF-8567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh reassigned CXF-8567:
----------------------------------------
Assignee: Colm O hEigeartaigh
> AdviceBean in CXF STS using SAMLTokenProvider
> ---------------------------------------------
>
> Key: CXF-8567
> URL: https://issues.apache.org/jira/browse/CXF-8567
> Project: CXF
> Issue Type: New Feature
> Components: JAX-WS Runtime, STS
> Affects Versions: 3.4.4
> Reporter: subigre
> Assignee: Colm O hEigeartaigh
> Priority: Major
>
> In the context of a new project, I need to implement a STS that generates some SAML tokens for users already authenticated.
> As a result, the SAML assertion returns by the STS must contain reference to the SAML assertion sent in the request.
>
> {code:java}
> <saml2:Assertion ID="_78a4e4c6-d394-4c18-89da-7f9eb82dc517" IssueInstant="2021-07-22T21:02:16.176Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> ...
> <saml2:Subject>
> <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">fPzBicjKXtADawasyp1d1w==</saml2:NameID>
> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
> </saml2:Subject>
> <saml2:Conditions NotBefore="2021-07-13T12:07:58.417Z" NotOnOrAfter="2021-07-13T14:07:58.417Z"/>
> <saml2:Advice>
> <saml2:AssertionIDRef>_2c84dd7b-728c-4a35-95ed-dc36aeda731e</saml2:AssertionIDRef>
> </saml2:Advice>
> <saml2:AuthnStatement AuthnInstant="2021-07-13T12:07:58.417Z">
> <saml2:AuthnContext>
> <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</saml2:AuthnContextClassRef>
> </saml2:AuthnContext>
> </saml2:AuthnStatement>
> ...
> </saml2:Assertion>
> {code}
>
> Currently, I implement my own providers using the following interfaces to populate/customize the rest of the SAML assertion:
> * {{AttributeStatementProvider}}
> * {{AuthDecisionStatementProvider}}
> * {{AuthenticationStatementProvider}}
> * {{ConditionsProvider}}
> However, I do not find a mechanism to populate the {{AdviceBean.}}
>
--
This message was sent by Atlassian Jira
(v8.20.7#820007)