Validate SAML assertions targeted at JAX-RS endpoints
------------------------------------------------------
Key: CXF-3588
URL: https://issues.apache.org/jira/browse/CXF-3588
Project: CXF
Issue Type: Sub-task
Components: JAX-RS
Affects Versions: 2.5
Reporter: Sergey Beryozkin
Assignee: Sergey Beryozkin
This task is about ensuring that SAML assertions can be validated either
in-place, example by checking the assertion signature against a client cert in
case of two-way TLS or by delegating to STS client for confirming it recognizes
the assertion which it must've issued in the first place.
How SAML assertion will be associated with the current request is not yet
finalized. SAML HTTP POST binding offers the way to pass it via a form
submission. Or we can get an artifact representing an STS response containing
the assertion passed in and then get a compliant IDP resolve the artifact (vis
STS). Or use a header and effectively create another SAML HTTP binding. Etc...
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
