CXF
  1. CXF
  2. CXF-3225

Add support for saml tokens in sp:InitiatorToken

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.3.1
    • Fix Version/s: 2.4.4, 2.5.1
    • Component/s: WS-* Components
    • Labels:
      None

      Description

      Currently CXF does not support SAML tokens to be used as InitiatorToken in Asymmetric bindings, where as the certificate referred to in the SAML assertion signs the message content (eg SAML Holder of Key scenarios).

      chapter 6 Scenario #4 - Holder-of-Key (p28)
      http://www.oasis-open.org/committees/download.php/23071/ws-sp-usecases-examples-draft-11-03.doc

      chapter 2.3.1.5 (WSS1.0) SAML10 Holder of Key, Sign, Optional Encrypt
      http://www.oasis-open.org/committees/download.php/7702/wss-saml-interop1-draft-12.doc

      When the <sp:InitiatorToken> contains an <sp:IssuedToken> or a <sp:SamlToken> instead of <sp:WssX509V3Token10>, CXF signs the request and adds a BST by default. CXF does not ask for a SAML token and it is impossible to construct a message signature which SignatureTokenReference contains a reference to the SAML assertion (http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID)

      <wsse:SecurityTokenReference wsu:id="STR1">
      <wsse:KeyIdentifier wsu:id="..."
      ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">
      _a75adf55-01d7-40cc-929f-dbd8372ebdfc
      </wsse:KeyIdentifier>
      </wsse:SecurityTokenReference>

        Issue Links

          Activity

          No work has yet been logged on this issue.

            People

            • Assignee:
              Colm O hEigeartaigh
              Reporter:
              Willem Salembier
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development