[
https://issues.apache.org/jira/browse/CXF-3243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12980792#action_12980792
]
Colm O hEigeartaigh commented on CXF-3243:
------------------------------------------
I'm porting WSS4J to use Opensaml2 at the moment. WSS4J 1.6 will have the
ability to easily construct SAML 1.1 and 2 assertions via a CallbackHandler
implementation, e.g.:
https://svn.apache.org/repos/asf/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/SAML2CallbackHandler.java
We can leave this JIRA open to add support for specifying the CallbackHandler
in CXF config.
Colm.
> SAML 2.0 CallBackHandler support
> --------------------------------
>
> Key: CXF-3243
> URL: https://issues.apache.org/jira/browse/CXF-3243
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Affects Versions: 2.3.1
> Environment: Windows XP, Apache Tomcat 7.0, CXF 2.3.1
> Reporter: David Morris
>
> Need a SAML2.0 CallbackHandler to be supported in WSS4J for CXF.
> (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor class).
> Developed a 'hack' in org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor to
> call a 'custom' SAML2.0 CallbackHandler. This code works for now but would
> like a better implementation configurable in CXF+Spring similar to the
> WSPassword. I am researching for a better implementation via the CXF source
> code.
> Suggestion:
> Have the SAMLCallback (SAML1.0 & SAML2.0) configurable in CXF + Spring
> similar to the WSPasswordCallback.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
