[jira] [Comment Edited] (WSS-622) from SAMLCallback no possible setting SAML2 SubjectConfirmation.NameID

JIRA Thu, 08 Feb 2018 07:41:20 -0800

    [ 
https://issues.apache.org/jira/browse/WSS-622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16357059#comment-16357059
 ]


Zsolt Fatér edited comment on WSS-622 at 2/8/18 3:40 PM:
---------------------------------------------------------

I am missing the 
Envelope/Header/Security/Assertion/Subject/SubjectConfirmation/NameID

Here is an example:
{code:xml}
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
  <soap:Header>
    <wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 soap:mustUnderstand="1">
      <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
ID="_a01e102a-93f8-4f80-830b-14935b65b452" 
IssueInstant="2018-02-08T14:57:57.069Z" Version="2.0" 
xsi:type="saml2:AssertionType">
        <saml2:Issuer>anyk</saml2:Issuer>
        <saml2:Subject>
          <saml2:NameID 
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" 
NameQualifier="subjectNameQualifier">subjectNameQualifierValue</saml2:NameID>
          <saml2:SubjectConfirmation 
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
            <!-- I am missing this part -->
            <saml2:NameID 
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" 
NameQualifier="confirmationNameQualifier">confirmationNameQualifier</saml2:NameID>
          </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2018-02-08T14:57:57.070Z" 
NotOnOrAfter="2018-02-08T15:02:57.070Z"/>
      </saml2:Assertion>
    </wsse:Security>
  </soap:Header>
  <soap:Body>
    <ns3:dataRequest xmlns:ns3="namespace" />
  </soap:Body>
</soap:Envelope>
{code}
I was attached a patch, which is solved my problem. The patch is base on wss2j 
2.2.1 version.

_Edited_

I was make a pull request on github: https://github.com/apache/wss4j/pull/9


was (Author: zsoltii):
I am missing the 
Envelope/Header/Security/Assertion/Subject/SubjectConfirmation/NameID

Here is an example:
{code:xml}
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
  <soap:Header>
    <wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 soap:mustUnderstand="1">
      <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
ID="_a01e102a-93f8-4f80-830b-14935b65b452" 
IssueInstant="2018-02-08T14:57:57.069Z" Version="2.0" 
xsi:type="saml2:AssertionType">
        <saml2:Issuer>anyk</saml2:Issuer>
        <saml2:Subject>
          <saml2:NameID 
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" 
NameQualifier="subjectNameQualifier">subjectNameQualifierValue</saml2:NameID>
          <saml2:SubjectConfirmation 
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
            <!-- I am missing this part -->
            <saml2:NameID 
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" 
NameQualifier="confirmationNameQualifier">confirmationNameQualifier</saml2:NameID>
          </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions NotBefore="2018-02-08T14:57:57.070Z" 
NotOnOrAfter="2018-02-08T15:02:57.070Z"/>
      </saml2:Assertion>
    </wsse:Security>
  </soap:Header>
  <soap:Body>
    <ns3:dataRequest xmlns:ns3="namespace" />
  </soap:Body>
</soap:Envelope>
{code}
I was attached a patch, which is solved my problem. The patch is base on wss2j 
2.2.1 version.

> from SAMLCallback no possible setting SAML2 SubjectConfirmation.NameID 
> -----------------------------------------------------------------------
>
>                 Key: WSS-622
>                 URL: https://issues.apache.org/jira/browse/WSS-622
>             Project: WSS4J
>          Issue Type: Wish
>          Components: WSS4J Handlers
>    Affects Versions: 2.2.0
>            Reporter: Zsolt Fatér
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>         Attachments: 
> WSS4J_WSS-622_from_SAMLCallback_no_passible_setting_SAML2_SubjectConfirmation_NameID.patch
>
>
> In the SAMLCallback class doesn't possible to set the SAML2 
> SubjectConfirmation class NameID attribute.
> It will be good, if setting will be same then SubjectConfirationData setting.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Comment Edited] (WSS-622) from SAMLCallback no possible setting SAML2 SubjectConfirmation.NameID

Reply via email to