Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ability to configure SAML callback in Wss4jInterceptor [SWS-955] #1027

Closed
gregturn opened this issue Apr 14, 2016 · 3 comments
Closed

Ability to configure SAML callback in Wss4jInterceptor [SWS-955] #1027

gregturn opened this issue Apr 14, 2016 · 3 comments
Assignees
Milestone

Comments

@gregturn
Copy link
Member

@gregturn gregturn commented Apr 14, 2016

jaminh opened SWS-955 and commented

In order to secure messages with SAML a method for configuring a SAML callback needs to be added. Also I was getting errors when I didn't set the validationActions because the validationActionsVector didn't get initialized.


Affects: 2.4.0

Referenced from: pull request #100, and commits 186bb24, e34fb93

@gregturn
Copy link
Member Author

@gregturn gregturn commented Apr 14, 2016

jaminh commented

I originally commented about this on #963 but since that has been included in the recent 2.3.0 release I made a new issue for it. I also have an updated pull request #68

@gregturn
Copy link
Member Author

@gregturn gregturn commented Dec 14, 2016

jaminh commented

I made some updates for this Jira. Since there is a separate issue (#1032) for the validation actions issue I split that out. I also added JUnit tests for creating and validating a SAML assertion. These changes can be found here https://github.com/jaminh/spring-ws/tree/feature/SWS-955-961. It is probably worth noting that I had to exclude the old version of opensaml that gets included with wss4j 1.6, it seems like everything still builds but if people are using SAML with the old wss4j they would likely have to exclude the new opensaml dependencies and include the old opensaml in their project.

@gregturn
Copy link
Member Author

@gregturn gregturn commented Apr 20, 2017

jaminh commented

I tried adding JUnit tests for securing messages with SAML in the Wss4jInterceptor and I ran into issues when OpenSAML gets initialized and both opensaml-2 and opensaml-3 are on the classpath. In order to deal with this issue I think it might be best to separate the WSS4J 2 classes into a separate project so that the old version of opensaml can be excluded. I have an example of this here https://github.com/jaminh/spring-ws/tree/feature/SWS-955-new.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.