Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Won't Fix
-
None
-
None
-
None
-
Unknown
Description
Issue
I am using the "SAMLTokenSigned" action in my client and server setup.
Out Transport
Using the action in the WSS4JOutInterceptor works correctly and ends up setting a single HandlerAction when sending data down to doSenderAction:
The action constant is ST_SIGNED:
Inbound Data
When processing the header, there seems to be an additional action discovered.
The first WSSecurityEngineResult is a SAMLToken:
A second WSSecurityEngine result is added based on the SignatureProcessor:
The failure then happens when checkReceiverResultsInAnyOrder is invoked.
We have 1 recorded action and 2 found actions in the wsResult value:
When checking if that additional action, which is a signature is part of the recorded action, the check will fail and our interceptor will produce a fault:
Work Around
On the server side, we can set the actions to both a "SAMLTokenSigned" and "Signature":
// TODO work around here is to add Signature to the actions inProps.put("action", "SAMLTokenSigned Signature");
Questions
1. Should the SAMLSignedToken handling also add a receiver action of SIGN (WSConstant.SC)?