[jira] [Resolved] (CXF-7786) SAML2.0 hardcoded prevents SAML1.1 assertion from working

Tue, 10 Jul 2018 08:43:13 -0700 


     [ 
https://issues.apache.org/jira/browse/CXF-7786?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved CXF-7786.
--------------------------------------
    Resolution: Not A Problem

The SamlCallbackHandler in question is just a test-class. The portion in 
"client.xml" that is commented out is to test that a request with no token 
fails service policy validation.

Incidentally, the SAML Version is set automatically on the SAMLCallback object 
for the policy case, so you don't need to specify it in the CallbackHandler. 
See:

https://github.com/apache/cxf/blob/25e88017b49bde5a53bce8dab3ecc93aab6dd040/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java#L923

> SAML2.0 hardcoded prevents SAML1.1 assertion from working
> ---------------------------------------------------------
>
>                 Key: CXF-7786
>                 URL: https://issues.apache.org/jira/browse/CXF-7786
>             Project: CXF
>          Issue Type: Improvement
>          Components: Clustering, Configuration
>    Affects Versions: 3.0.3
>         Environment: Apache Maven 3.5.3 
> (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T14:49:05-05:00)
> Maven home: /maven3.5.3/bin/
> Java version: 1.8.0_161, vendor: Oracle Corporation
> Java home: /JDK18~1.0_1/jre
> Default locale: en_US, platform encoding: Cp1252
>   cxf version=3.0.3
>            Reporter: Martin Gainty
>            Priority: Minor
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> public class SamlCallbackHandler implements CallbackHandler {
>  private boolean saml2 = true; //SAML 2.0 hard coded to true prevents SAML 
> 1.1 assert
>  
> .\systests\ws-security\target\test-classes\org\apache\cxf\systest\ws\saml\client.xml
> //you can see where SAML1.1 SupportingTokens is commented out
> <!--
>  <sp:SupportingTokens>
>  <wsp:Policy>
>  <sp:SamlToken
>  
> sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
>  <wsp:Policy>
>  <sp:WssSamlV11Token11/>
>  </wsp:Policy>
>  </sp:SamlToken>
>  </wsp:Policy>
>  </sp:SupportingTokens>
>  -->



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to