[jira] [Created] (WSS-712) SignatureDigestAlgorithm of SAMLCallback not taken into account

Bryan Brouckaert (Jira) Wed, 05 Jun 2024 01:57:04 -0700

Bryan Brouckaert created WSS-712:
------------------------------------

             Summary: SignatureDigestAlgorithm of SAMLCallback not taken into 
account
                 Key: WSS-712
                 URL: https://issues.apache.org/jira/browse/WSS-712
             Project: WSS4J
          Issue Type: Bug
          Components: WSS4J Core
    Affects Versions: 3.0.3
            Reporter: Bryan Brouckaert
            Assignee: Colm O hEigeartaigh



The SAML_TOKEN_UNSIGNED-action, implemented by the 
{{org.apache.wss4j.dom.action.SAMLTokenUnsignedAction}} class doesn't take into 
account the 
{{SignatureDigestAlgorithm}} property of the 
{{org.apache.wss4j.common.saml.SAMLCallback}}.

It uses the 
{{org.apache.wss4j.common.saml.SamlAssertionWrapper#signAssertion(java.lang.String,
 java.lang.String, org.apache.wss4j.common.crypto.Crypto, boolean, 
java.lang.String, java.lang.String)}} methods that always uses the default 
SignatureDigestAlgorithm.

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (WSS-712) SignatureDigestAlgorithm of SAMLCallback not taken into account

Reply via email to