ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yang, Gang CTR USARMY (US)" <gang.yang....@mail.mil>
Subject RE: How to encrypt the SAML token?
Date Tue, 28 Apr 2015 15:26:39 GMT
Thanks, Colm.



Would WSS4j be able to process SOAP messages with <saml2:EncryptedAssertion> tokens?
Or we need to decrypt the SAML token first before calling WSSecurityEngine.processSecurityHeader()?



Gang

________________________________
From: Colm O hEigeartaigh [coheigea@apache.org]
Sent: Tuesday, April 28, 2015 5:50 AM
To: users@ws.apache.org
Subject: Re: How to encrypt the SAML token?

There is no direct way of doing it in WSS4J. You will need to create the Assertion and encrypt
it yourself using the OpenSAML APIs. Then you can just insert it into the security header
of the request.

Colm.

On Mon, Apr 27, 2015 at 10:40 PM, Yang, Gang CTR USARMY (US) <gang.yang.ctr@mail.mil<mailto:gang.yang.ctr@mail.mil>>
wrote:

I tried to encrypt the SAML assertion token as normal document element using WSSecEncrypt.
What I got was the <xenc:EncryptedKey> and <xenc:EncryptedData> pair directly
under <wsse:Security>. That's not what I wanted. I would like the pair under <saml2:EncryptedAssertion>.
How do I do that?



Thanks,

Gang

________________________________
From: Yang, Gang CTR USARMY (US) [gang.yang.ctr@mail.mil<mailto:gang.yang.ctr@mail.mil>]
Sent: Monday, April 27, 2015 3:32 PM
To: users@ws.apache.org<mailto:users@ws.apache.org>
Subject: How to encrypt the SAML token?


Hi,



I would like to encrypt the SAML token in the final secured SOAP message. How do I do that?
I looked at the AssertionWrapper class and it can only sign the SAML assertion. Do I encrypt
SAML assertion like I encrypt other pars of the SOAP document? If so, would I get <saml:EncryptedAssertion>?



Thanks,

Gang



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com<http://coders.talend.com/>

Mime
View raw message