[
https://issues.apache.org/jira/browse/WSS-240?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Valeri updated WSS-240:
-----------------------------
Description: Numerous places within WSS4J assume that the KeyInfo within
the SAML authentication statement will contain only a ds:X509Data element with
the complete certificate contents. In many cases, the assertion only contains
the key value without the additional X509 information. WSS4J should support
sending and receiving signed messages using a SAML assertion with only KeyValue
data. (was: Numerous places withing WSS4J assume that the KeyInfo withing the
SAML authentication statement will contain only a ds:X509Data element with the
complete certificate contents. In many cases, the assertion only contains the
key value without the additional X509 information. WSS4J should support
sending and receiving signed messages using a SAML assertion with only KeyValue
data.)
> Support KeyValue in SAML subject
> --------------------------------
>
> Key: WSS-240
> URL: https://issues.apache.org/jira/browse/WSS-240
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 1.5.9, 1.6
> Reporter: David Valeri
> Assignee: Ruchith Udayanga Fernando
> Fix For: 1.5.9, 1.6
>
>
> Numerous places within WSS4J assume that the KeyInfo within the SAML
> authentication statement will contain only a ds:X509Data element with the
> complete certificate contents. In many cases, the assertion only contains
> the key value without the additional X509 information. WSS4J should support
> sending and receiving signed messages using a SAML assertion with only
> KeyValue data.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org
For additional commands, e-mail: wss4j-dev-h...@ws.apache.org
