Re: [higgins-dev] encrypted assertions with higgins saml2 util library

Thu, 04 Jun 2009 04:47:32 -0700 

Hi Tor,
Higgins STS does encryption of SAML tokens by adding TokenEncryptHandler to the ExtensionList of SAMLIssue 

http://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/plugins/org.eclipse.higgins.sts.binding.axis1x.service/WebContent/ConfigurationFiles/ManagedConfiguration.xml


			<!-- Consumes incoming credentials and generates a Provider Signed  
SAML Token -->

                        <Setting Name="SAMLIssue" Type="htf:map">
                                <Setting Name="ExtensionList" Type="htf:list">

					<Setting Name="First" Type="xsd:string">DigitalIdentityHandler</ 
Setting>
					<Setting Name="Third" Type="xsd:string">TokenGeneratorHandler</ 
Setting>
					<Setting Name="Fourth" Type="xsd:string">TokenEncryptHandler</ 
Setting>

                                </Setting>
                        </Setting>

                .......
        

		<!-- The name of the class that provides the factory for the class  
that implements the Apache XML Security Extension -->
		<Setting Name="XMLSecurityExtension"  
Type 
= 
"htf:singleton 
"> 
org 
.eclipse 
.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtensionFactory</ 
Setting>



You may not be able to use  
org.eclipse.higgins.sts.server.token.encrypt as it is but if you look at


http://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/plugins/org.eclipse.higgins.sts.server.token.encrypt/src/org/eclipse/higgins/sts/server/token/encrypt/TokenEncryptHandler.java

you might get an idea how it is done and use the similar approach


			final org.eclipse.higgins.sts.api.IElement  
elemEncryptedRequestedSecurityToken = xmlSecurity.EncryptElement

                        ("saml:Assertion",
                        elemRequestedSecurityToken,
                        strAppliesToIdentityCertificate);


The above call is using another project  
org.eclipse.higgins.sts.xmlsecurity.apache to do the actual encryption.


Is that you are looking for?

-Jeesmon

On Jun 4, 2009, at 5:29 AM, Torgeir Veimo wrote:


Hi,

I have a need to implement support for encrypted assertion replies in
the higgins saml2 utility library.

I'm currently using a library called saml2api
(http://sourceforge.net/projects/saml2api/), which builds upon an
older version of the higgins library, and which doesn't support
encrypted assertions. I was thinking about updating saml2api to use
the current higging saml2 library (version 1.0.600?), then implement
encrypted assertions.

I was wondering if anyone on this list have looked into supporting
this already?

--
-Tor
_______________________________________________
higgins-dev mailing list
[email protected]
https://dev.eclipse.org/mailman/listinfo/higgins-dev





Attachment:
smime.p7s

Description: S/MIME cryptographic signature


_______________________________________________
higgins-dev mailing list
[email protected]
https://dev.eclipse.org/mailman/listinfo/higgins-dev






















					Reply via email to