ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: How to encrypt the SAML token?
Date Tue, 28 Apr 2015 15:32:37 GMT
Yes, it can process requests with an EncryptedAssertion:

https://issues.apache.org/jira/browse/WSS-497

Colm.

On Tue, Apr 28, 2015 at 4:26 PM, Yang, Gang CTR USARMY (US) <
gang.yang.ctr@mail.mil> wrote:

>  Thanks, Colm.
>
>
>
> Would WSS4j be able to process SOAP messages with
> <saml2:EncryptedAssertion> tokens? Or we need to decrypt the SAML token
> first before calling WSSecurityEngine.processSecurityHeader()?
>
>
>
> Gang
> ------------------------------
> *From:* Colm O hEigeartaigh [coheigea@apache.org]
> *Sent:* Tuesday, April 28, 2015 5:50 AM
> *To:* users@ws.apache.org
> *Subject:* Re: How to encrypt the SAML token?
>
>   There is no direct way of doing it in WSS4J. You will need to create
> the Assertion and encrypt it yourself using the OpenSAML APIs. Then you can
> just insert it into the security header of the request.
>
>  Colm.
>
> On Mon, Apr 27, 2015 at 10:40 PM, Yang, Gang CTR USARMY (US) <
> gang.yang.ctr@mail.mil> wrote:
>
>>  I tried to encrypt the SAML assertion token as normal document element
>> using WSSecEncrypt. What I got was the <xenc:EncryptedKey> and
>> <xenc:EncryptedData> pair directly under <wsse:Security>. That's not
what I
>> wanted. I would like the pair under <saml2:EncryptedAssertion>. How do I do
>> that?
>>
>>
>>
>> Thanks,
>>
>> Gang
>> ------------------------------
>> *From:* Yang, Gang CTR USARMY (US) [gang.yang.ctr@mail.mil]
>> *Sent:* Monday, April 27, 2015 3:32 PM
>> *To:* users@ws.apache.org
>> *Subject:* How to encrypt the SAML token?
>>
>>    Hi,
>>
>>
>>
>> I would like to encrypt the SAML token in the final secured SOAP message.
>> How do I do that? I looked at the AssertionWrapper class and it can only
>> sign the SAML assertion. Do I encrypt SAML assertion like I encrypt other
>> pars of the SOAP document? If so, would I get <saml:EncryptedAssertion>?
>>
>>
>>
>> Thanks,
>>
>> Gang
>>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message