Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-7786

SAML2.0 hardcoded prevents SAML1.1 assertion from working

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Not A Problem
    • Affects Version/s: 3.0.3
    • Fix Version/s: None
    • Component/s: Clustering, Configuration
    • Labels:
      None
    • Environment:
    • Estimated Complexity:
      Moderate

      Description

      public class SamlCallbackHandler implements CallbackHandler {
      private boolean saml2 = true; //SAML 2.0 hard coded to true prevents SAML 1.1 assert

       

      .\systests\ws-security\target\test-classes\org\apache\cxf\systest\ws\saml\client.xml

      //you can see where SAML1.1 SupportingTokens is commented out
      <!--
      <sp:SupportingTokens>
      <wsp:Policy>
      <sp:SamlToken
      sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
      <wsp:Policy>
      <sp:WssSamlV11Token11/>
      </wsp:Policy>
      </sp:SamlToken>
      </wsp:Policy>
      </sp:SupportingTokens>
      -->

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mgainty@hotmail.com Martin Gainty
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 336h
                336h
                Remaining:
                Remaining Estimate - 336h
                336h
                Logged:
                Time Spent - Not Specified
                Not Specified