ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: How to encrypt the SAML token?
Date Tue, 28 Apr 2015 09:50:20 GMT
There is no direct way of doing it in WSS4J. You will need to create the
Assertion and encrypt it yourself using the OpenSAML APIs. Then you can
just insert it into the security header of the request.

Colm.

On Mon, Apr 27, 2015 at 10:40 PM, Yang, Gang CTR USARMY (US) <
gang.yang.ctr@mail.mil> wrote:

>  I tried to encrypt the SAML assertion token as normal document element
> using WSSecEncrypt. What I got was the <xenc:EncryptedKey> and
> <xenc:EncryptedData> pair directly under <wsse:Security>. That's not what
I
> wanted. I would like the pair under <saml2:EncryptedAssertion>. How do I do
> that?
>
>
>
> Thanks,
>
> Gang
> ------------------------------
> *From:* Yang, Gang CTR USARMY (US) [gang.yang.ctr@mail.mil]
> *Sent:* Monday, April 27, 2015 3:32 PM
> *To:* users@ws.apache.org
> *Subject:* How to encrypt the SAML token?
>
>   Hi,
>
>
>
> I would like to encrypt the SAML token in the final secured SOAP message.
> How do I do that? I looked at the AssertionWrapper class and it can only
> sign the SAML assertion. Do I encrypt SAML assertion like I encrypt other
> pars of the SOAP document? If so, would I get <saml:EncryptedAssertion>?
>
>
>
> Thanks,
>
> Gang
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message