[
https://issues.apache.org/jira/browse/WSS-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13493064#comment-13493064
]
Marc Giger commented on WSS-354:
--------------------------------
Hi Colm,
The StAX code uses the same API as the DOM code does. So if you specify
SAML_TOKEN_SIGNED as an outbound
action (DOM & StAX) the following code will be executed and the standard
algorithm will be applied:
if (samlCallback.isSignAssertion()) {
samlAssertionWrapper.signAssertion(
samlCallback.getIssuerKeyName(),
samlCallback.getIssuerKeyPassword(),
samlCallback.getIssuerCrypto(),
samlCallback.isSendKeyValue()
);
}
If you want other algo's you have to build the SAML Assertion yourself and
handover it via SAMLCallback (DOM & StAX).
An improvement could/would be for the users if we allow to set custom algo's
via SAMLCallback so that the users don't have to build the whole assertion
manually just to specify different algo's.
Please advice:-)
Marc
> Add support for specifying different algs for sign or c14n a SAML Assertion
> in the streaming code.
> --------------------------------------------------------------------------------------------------
>
> Key: WSS-354
> URL: https://issues.apache.org/jira/browse/WSS-354
> Project: WSS4J
> Issue Type: Sub-task
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0
>
>
> Add support for specifying different algs for sign or c14n a SAML Assertion
> in the streaming code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org
For additional commands, e-mail: dev-h...@ws.apache.org
