Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Not A Problem
-
3.0.6
-
None
-
None
-
Unknown
Description
Processing of SAML token results in call of configured ws-security.callback-handler same as for Username Token.
When CXF receives (no UT in it):
<wss:Security>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="Abc-1" IssueInstant="2016-08-16T08:13:47Z" Version="2.0">
<saml:Issuer Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=user</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">some_name</saml:NameID>
...
</wss:Security>
it calls configured:
ws-security.callback-handler=com.SecurityCallback
with ID="Abc-1" from above Security section as username.
Ignoring this and moving on has no impact on processing SAML token but if SecurityCallback does some funny stuff (or at list logging) for each received UT it is really confusing.