Details
-
Improvement
-
Status: Closed
-
Minor
-
Resolution: Not A Problem
-
3.0.3
-
None
-
None
-
Moderate
Description
public class SamlCallbackHandler implements CallbackHandler {
private boolean saml2 = true; //SAML 2.0 hard coded to true prevents SAML 1.1 assert
.\systests\ws-security\target\test-classes\org\apache\cxf\systest\ws\saml\client.xml
//you can see where SAML1.1 SupportingTokens is commented out
<!--
<sp:SupportingTokens>
<wsp:Policy>
<sp:SamlToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssSamlV11Token11/>
</wsp:Policy>
</sp:SamlToken>
</wsp:Policy>
</sp:SupportingTokens>
-->