[WSS-309] Improve the configurability of the SAML signature creation in AssertionWrapper - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.6.2
Fix Version/s: 1.6.3
Component/s: WSS4J Core
Labels:
None

Description

The AssertionWrapper class is used in WSS4J to create a SAML Assertion
via a CallbackHandler. It has a method that can be used to sign the SAML
Assertion:

public void signAssertion(
String issuerKeyName,
String issuerKeyPassword,
Crypto issuerCrypto,
boolean sendKeyValue
)

The signature and canonicaliazation algorithms currently used are hard coded as showed by the following code snippet:

signature.setCanonicalizationAlgorithm(
SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS
);

String sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1;
String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();

if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_DSA;
}

There should be a way for the user to be able to configure these algorithms

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-made-the-canonicalization-and-signature-algorithm-co.patch
18/Aug/11 15:47
12 kB
Anubhav Sharma

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Anubhav Sharma

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 18/Aug/11 13:59

Updated:: 03/Oct/11 08:56

Resolved:: 18/Aug/11 15:56