Can you post what the request looks like? Even a redacted version of it? Colm.
On Thu, Aug 29, 2019 at 7:48 PM Tóth Csaba <ig...@domen.hu> wrote: > Hello! > > I study the WSS4J SAML Validator, but not help much, my problem is need > to get the certificate based of the content of the request and header > SAML (get out the subject, do an query and the query give back the > certificate), and need to validate the SAML with this certificate. > > In this case (SamlAssertionValidator) is running before i able to parse > the request. I can create a dummy validate() function, but after I need > to somehow call it again. > > Any help will welcome. > > Thanx > > Csaba > > > > Does the SAML assertion appear in the security header of the request or > in > > the body of the request? For the former, you will need to implement your > > own WSS4J SAML Validator, or subclass the existing one in some way: > > > > > https://github.com/apache/wss4j/blob/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java > > > > If the SAML assertion is in the SOAP Body then it's handled by the STS > > code, so you will need to either replace or override this class: > > > > > https://github.com/apache/cxf/blob/master/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java > > > > Colm. > > > > On Tue, Aug 6, 2019 at 9:03 PM Tóth Csaba <ig...@domen.hu> wrote: > > > > > Hello! > > > > > > I have a request with the STS to validate a incoming SAML with a > > > certificate what come from another source: example need to query it > from > > > a database, based on the data in the request. > > > > > > How start it? I know the SAML validation is in the deep and need the > > > certificate to be in a truststore. Can I give directly the certificate > > > as an attribute or need to create a own, custom truststore manager? > > > > > > Thanx. > > > > > > Csaba > > > > > > > > > > -- > > Colm O hEigeartaigh > > > > Talend Community Coder > > http://coders.talend.com > > > >
