[
https://issues.apache.org/jira/browse/WSS-146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12677580#action_12677580
]
Todd Dunst commented on WSS-146:
--------------------------------
Thanks for the update Brian.

I have applied your patch, and can verify that it works when sender vouches is
selected for the subject confirmation method (I haven't tested holder-of-key
yet; I'll let you know). I have also created a new version, essentially
merging your approach with mine to allow the AssertionWrapper to generate both
SAML v1.1, as well as SAML v2.0 compliant assertions. The code now reads a new
property from the saml.properties file (org.apache.ws.security.saml.version) in
order to control which SAML specification version to use for both
assertion statement creation and validation. I have tested this with the
sender vouches subject confirmation method, and can now create and validate
either SAML v1.1 or SAML v2.0 assertions by simply switching the value in the
properties file.

I also now understand why I was getting the class cast exception that I
mentioned earlier. The toDOM() method in the OpenSAMLUtil class was still not
doing the right thing. It worked when running JUnits within the WSS4J project,
but failed when I attempted to use the patched library with the Apache Axis2
SOAP framework. The reason for this is that Axis2 makes use of a completely
different DOM implementation (Axiom) than the OpenSaml2 marshaller
implementation (which simply uses the Xerces DOM from the environment). As
soon as I attempted to add the OpenSaml2 marshalled assertion to the Axis2
Axiom DOM, I received the class cast exception. I fixed this by making a
simple modification to the OpenSAMLUtil.toDom() method which now correctly
imports the foreign DOM into the Axiom DOM so that you can combine the output
of OpenSaml2 with that of Axis2. I have tested this modification with the
JUnits of WSS4J, as well as with a full-blown Axis2 SOAP client and server and
it works perfectly in both instances.

I will post a patch early next week which includes all of these modifications.

> Upgrade opensaml dependency to 2.x line
> ---------------------------------------
>
> Key: WSS-146
> URL: https://issues.apache.org/jira/browse/WSS-146
> Project: WSS4J
> Issue Type: Improvement
> Reporter: Bob Jacoby
> Assignee: Ruchith Udayanga Fernando
> Priority: Minor
> Attachments: wss4j_opensaml2.1.0.patch,
> wss4j_opensaml2.1.0_correct.patch, wss4j_opensaml2.2.3.patch
>
>
> WSS4J has a dependency on opensaml 1.1. OpenSAML 1.1 is, for the most part,
> no longer supported (https://spaces.internet2.edu/display/OpenSAML/OS1Status).
> 2.1 has been out for a while, and 2.2 was released in Oct. '08. The 2.x line
> is not backwards compatible with 1.1 so unfortunately it's not as simple as
> dropping in the newer jar.
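
The DOM import step described in the comment above, as an added example that is not the WSS4J patch or any code from this thread. Two JDK DOM documents stand in for the OpenSAML marshaller output and the Axis2 message, so the failure shown is a `WRONG_DOCUMENT_ERR` `DOMException` rather than the class cast exception reported with Axiom; the class name, helper name and sample assertion are hypothetical.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;

public class ImportAssertionDemo {
    // Constructed sample input: a minimal, unsigned SAML 2.0-style assertion.
    static final String ASSERTION =
        "<saml2:Assertion xmlns:saml2=\"urn:oasis:names:tc:SAML:2.0:assertion\""
        + " ID=\"_constructed-id\" Version=\"2.0\">"
        + "<saml2:Issuer>example-issuer</saml2:Issuer></saml2:Assertion>";
    static final String WSSE_NS =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    static DocumentBuilder newBuilder() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // SAML and WS-Security elements are namespace-qualified
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder();
    }

    /** Hypothetical helper: deep-copies a foreign element into the target document. */
    static Element importInto(Document target, Element parent, Element foreign) {
        Node copy = target.importNode(foreign, true); // the copy is owned by target
        return (Element) parent.appendChild(copy);
    }

    public static void main(String[] args) throws Exception {
        // Assumption: this document stands in for the marshaller's DOM output.
        Element assertion = newBuilder()
            .parse(new InputSource(new StringReader(ASSERTION))).getDocumentElement();
        // Assumption: this document stands in for the SOAP stack's DOM.
        Document soap = newBuilder().newDocument();
        Element header = soap.createElementNS(WSSE_NS, "wsse:Security");
        soap.appendChild(header);

        try {
            header.appendChild(assertion); // node still belongs to the other document
        } catch (DOMException e) {
            System.out.println("direct append rejected: "
                + (e.code == DOMException.WRONG_DOCUMENT_ERR));
        }
        Element imported = importInto(soap, header, assertion);
        System.out.println("owned by SOAP document: " + (imported.getOwnerDocument() == soap));
        System.out.println("namespace preserved: " + imported.getNamespaceURI());
    }
}
```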