ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marc Giger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WSS-354) Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming code.
Date Thu, 08 Nov 2012 09:34:11 GMT

    [ https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493064#comment-13493064
] 

Marc Giger commented on WSS-354:
--------------------------------

Hi Colm,

The StAX code uses the same API as the DOM code does. So if you specify SAML_TOKEN_SIGNED
as an outbound
action (DOM & StAX) the following code will be executed and the standard algorithm will
be applied:

if (samlCallback.isSignAssertion()) {
                samlAssertionWrapper.signAssertion(
                        samlCallback.getIssuerKeyName(),
                        samlCallback.getIssuerKeyPassword(),
                        samlCallback.getIssuerCrypto(),
                        samlCallback.isSendKeyValue()
                );
            }

If you want other algo's you have to build the SAML Assertion yourself and handover it via
SAMLCallback (DOM & StAX).

An improvement could/would be for the users if we allow to set custom algo's via SAMLCallback
so that the users don't have to build the whole assertion manually just to specify different
algo's.

Please advice:-)

Marc
                
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming
code.
> --------------------------------------------------------------------------------------------------
>
>                 Key: WSS-354
>                 URL: https://issues.apache.org/jira/browse/WSS-354
>             Project: WSS4J
>          Issue Type: Sub-task
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion in the streaming
code.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message