Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: WS-* Components
I am using the "SAMLTokenSigned" action in my client and server setup.
Using the action in the WSS4JOutInterceptor works correctly and ends up setting a single HandlerAction when sending data down to doSenderAction:
The action constant is ST_SIGNED:
When processing the header, there seems to be an additional action discovered.
The first WSSecurityEngineResult is a SAMLToken:
A second WSSecurityEngine result is added based on the SignatureProcessor:
The failure then happens when checkReceiverResultsInAnyOrder is invoked.
We have 1 recorded action and 2 found actions in the wsResult value:
When checking if that additional action, which is a signature is part of the recorded action, the check will fail and our interceptor will produce a fault:
On the server side, we can set the actions to both a "SAMLTokenSigned" and "Signature":
1. Should the SAMLSignedToken handling also add a receiver action of SIGN (WSConstant.SC)?