[
https://issues.apache.org/jira/browse/CXF-3524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated CXF-3524:
-------------------------------------
Attachment: cxf-3524.patch
> Support Derived Keys with the Symmetric Binding + SAML Assertions
> -----------------------------------------------------------------
>
> Key: CXF-3524
> URL: https://issues.apache.org/jira/browse/CXF-3524
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.4
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.4.1
>
> Attachments: cxf-3524.patch
>
>
> There are a couple of problems with using Derived Keys pointing towards SAML
> Assertions when using the symmetric binding:
> 1) The SymmetricBindingHandler can't handle creating a reference to SAML
> Assertion if the security token does not have a (un)attached Reference to the
> Assertion.
> 2) In the holder-of-key case, using a derived key will cause the
> holder-of-key requirements processing to fail.
> Creating a JIRA + patch for this, as it depends on a fix in WSS4J 1.6.1 which
> is not released yet.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
