ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Kidd <markkid...@yahoo.com>
Subject Wss4j support for SAML 2.0 EncryptedAssertion
Date Mon, 21 Apr 2014 13:16:04 GMT
Does WSS4J (1.6.9 ) support SAML 2.0 EncryptedAssertion elements?

My service is receiving an EncryptedAssertion from the STS, and when WSS4J is trying to parse
the security token reference, it can't find the Assertion via its ID its encrypted(org.apache.ws.security.str.DerivedKeyTokenSTRParser.parseSecurityTokenReference)

It falls back to the CallbackHandler looking for the secret key(which I clearly won't have).

I was able to manually decrypt the EncryptedAssertion via the opensaml library( following
the decryption example here: OSTwoUserManJavaXMLEncryption - OpenSAML 2.x - Confluence ),
but I was hoping that WSS4J should be handling this automatically for me and I've just incorrectly
set something up.

Thanks for any insight.

 
 OSTwoUserManJavaXMLEncryption - OpenSAML 2.x - Confluence
XML Encryption Encrypting a SAMLObject SAML 2 objects may be encrypted per the SAML 2 profile
of the XML Encryption specification. Encryption consists of the following steps:   
View on wiki.shibboleth.net Preview by Yahoo  
Mime
View raw message