[ https://issues.apache.org/jira/browse/CXF-8567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh reassigned CXF-8567:
----------------------------------------
Assignee: Colm O hEigeartaigh
> AdviceBean in CXF STS using SAMLTokenProvider
> ---------------------------------------------
>
> Key: CXF-8567
> URL: https://issues.apache.org/jira/browse/CXF-8567
> Project: CXF
> Issue Type: New Feature
> Components: JAX-WS Runtime, STS
> Affects Versions: 3.4.4
> Reporter: subigre
> Assignee: Colm O hEigeartaigh
> Priority: Major
>
> In the context of a new project, I need to implement an STS that generates
> some SAML tokens for users already authenticated.
> As a result, the SAML assertion returned by the STS must contain a reference to
> the SAML assertion sent in the request.
>
> {code:java}
> <saml2:Assertion ID="_78a4e4c6-d394-4c18-89da-7f9eb82dc517"
>     IssueInstant="2021-07-22T21:02:16.176Z" Version="2.0"
>     xsi:type="saml2:AssertionType"
>     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
>     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>   ...
>   <saml2:Subject>
>     <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">fPzBicjKXtADawasyp1d1w==</saml2:NameID>
>     <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
>   </saml2:Subject>
>   <saml2:Conditions NotBefore="2021-07-13T12:07:58.417Z"
>       NotOnOrAfter="2021-07-13T14:07:58.417Z"/>
>   <saml2:Advice>
>     <saml2:AssertionIDRef>_2c84dd7b-728c-4a35-95ed-dc36aeda731e</saml2:AssertionIDRef>
>   </saml2:Advice>
>   <saml2:AuthnStatement AuthnInstant="2021-07-13T12:07:58.417Z">
>     <saml2:AuthnContext>
>       <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</saml2:AuthnContextClassRef>
>     </saml2:AuthnContext>
>   </saml2:AuthnStatement>
>   ...
> </saml2:Assertion>
> {code}
>
> Currently, I implement my own providers using the following interfaces to
> populate/customize the rest of the SAML assertion:
> * {{AttributeStatementProvider}}
> * {{AuthDecisionStatementProvider}}
> * {{AuthenticationStatementProvider}}
> * {{ConditionsProvider}}
> However, I do not find a mechanism to populate the {{AdviceBean}}.
>