Hi All,
I'm using a custom mediator in Synapse to acquire a SAML assertion that I then
wish to add as a SignedSupportingToken. The SAML assertion is acquired using
some legacy code developed under JAX-WS (I don't really want to change this).
I then convert the JAX-WS GenericToken into an org.apache.rahas.Token, which is
added to a token store. I then write the
RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN and TokenStorage.TOKEN_STORAGE_KEY
into the message context. See below:

    // Instantiate an org.apache.rahas.Token from the issued SAML assertion
    Token tok = new Token(genericToken.getId(),
            XMLUtils.toOM((Element) genericToken.getTokenValue()),
            itCtx.getCreationTime(),
            itCtx.getExpirationTime());

    // Add the SupportingToken into the Axis token store
    TokenStorage storage = new SimpleTokenStore();
    storage.add(tok);

    // Add the token ID and token store to the Axis2 message context
    Axis2MessageContext axis2MessageContext = (Axis2MessageContext) ctx;
    org.apache.axis2.context.MessageContext msgCtx =
            axis2MessageContext.getAxis2MessageContext();
    msgCtx.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
            genericToken.getId());
    msgCtx.setProperty(TokenStorage.TOKEN_STORAGE_KEY, storage);

If the policy is set with a SupportingTokens assertion, this works great.
However, if I change this to SignedSupportingTokens, the attempt to sign the
assertion fails with XMLSignatureException: Id not found. I know that when the
policy is set for SupportingTokens the assertion is present and the ID is
correct. Therefore, I feel that there may be an issue with the order in which
the RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN is added to the message. I don't
know the implementation well enough to state for certain that there is a
problem; therefore, any guidance is appreciated.

thanks,
Graeme