[jira] [Updated] (CXF-3524) Support Derived Keys with the Symmetric Binding + SAML Assertions

Mon, 16 May 2011 09:02:29 -0700 

     [ 
https://issues.apache.org/jira/browse/CXF-3524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated CXF-3524:
-------------------------------------

          Component/s: WS-* Components
          Description: 
There are a couple of problems with using Derived Keys pointing towards SAML 
Assertions when using the symmetric binding:

 1) The SymmetricBindingHandler can't handle creating a reference to SAML 
Assertion if the security token does not have a (un)attached Reference to the 
Assertion.
 2) In the holder-of-key case, using a derived key will cause the holder-of-key 
requirements processing to fail.

Creating a JIRA + patch for this, as it depends on a fix in WSS4J 1.6.1 which 
is not released yet.

  was:

There are a couple of problems with using Derived Keys pointing towards SAML 
Assertions when using the symmetric binding:

 1) The SymmetricBindingHandler can't handle creating a reference to SAML 
Assertion if the security token does not have a (un)attached Reference to the 
Assertion.
 2) In the holder-of-key case, using a derived key will cause the holder-of-key 
requirements processing to fail.

Creating a JIRA + patch for this, as it depends on a fix in WSS4J 1.6.1 which 
is not released yet.

    Affects Version/s: 2.4
        Fix Version/s: 2.4.1

> Support Derived Keys with the Symmetric Binding + SAML Assertions
> -----------------------------------------------------------------
>
>                 Key: CXF-3524
>                 URL: https://issues.apache.org/jira/browse/CXF-3524
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.4
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.4.1
>
>
> There are a couple of problems with using Derived Keys pointing towards SAML 
> Assertions when using the symmetric binding:
>  1) The SymmetricBindingHandler can't handle creating a reference to SAML 
> Assertion if the security token does not have a (un)attached Reference to the 
> Assertion.
>  2) In the holder-of-key case, using a derived key will cause the 
> holder-of-key requirements processing to fail.
> Creating a JIRA + patch for this, as it depends on a fix in WSS4J 1.6.1 which 
> is not released yet.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to