[
https://issues.apache.org/jira/browse/WSS-516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14163224#comment-14163224
]
Colm O hEigeartaigh commented on WSS-516:
-----------------------------------------
Hi Jason,
Why does the SAML AssertionWrapper need to call setSamlVersion before calling
the CallbackHandler? It's called *after* calling the CallbackHandler in the
"parseCallback" method. The idea behind getting a DOM Element from the
CallbackHandler was if a SAML Assertion Element was already available. The
setSamlVersion functionality is only meant to work if you are creating a new
SAML Assertion.
BTW in WSS4J 2.0, there is no SamlParms. Instead, everything is obtained from
the SAMLCallback object itself.
Colm.
> Change saml AssertionWrapper to setSamlVersion before calling callback handler
> ------------------------------------------------------------------------------
>
> Key: WSS-516
> URL: https://issues.apache.org/jira/browse/WSS-516
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 2.0.2, 1.6.17
> Reporter: Jason Pell
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 1.6.18, 2.0.3
>
> Attachments: patch-1.6.txt
>
>
> If the SAMLCallback was provided the expected Saml Version based on
> information already provided to the AssertionWrapper, it would be easy for a
> local SAMLCallback to create the correct saml token.
> For most everything in CXF we can use the WS-Policy to determine what needs
> to be done on the client side to correct interface with a cxf web service.
> With this small change a SAML Callback handler can create the appropriately
> versioned saml token without additional configuration.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
