[jira] [Created] (CXF-4457) Extend WS-SecureConversation to support SAML Assertions for authentication

Glen Mazza (JIRA) Tue, 07 Aug 2012 11:40:19 -0700

Glen Mazza created CXF-4457:
-------------------------------

             Summary: Extend WS-SecureConversation to support SAML Assertions 
for authentication
                 Key: CXF-4457
                 URL: https://issues.apache.org/jira/browse/CXF-4457
             Project: CXF
          Issue Type: Improvement
          Components: WS-* Components
            Reporter: Glen Mazza
             Fix For: 2.7.0



Hi, as shown for GlassFish Metro:
https://gist.github.com/3191480 

Support the following authentication mechanism:
1.) The WSC gets a SAML assertion from the STS.
2.) The WSC sends that SAML assertion to the WSP to get the SCT from the WSP
3.) All subsequent real calls for doubled numbers between WSC and WSP use the 
SCT and not the SAML assertion.

Here is a Netbeans-generated WSDL for this scenario:
https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/service/src/main/resources/DoubleItSecrConv.txt

A sample testcase that can be used (steps to use: update WSP WSDL with the one 
above, run mvn clean install from base folder, then mvn exec:exec from client 
folder): https://github.com/gmazza/blog-samples/tree/master/cxf_sts_tutorial

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Created] (CXF-4457) Extend WS-SecureConversation to support SAML Assertions for authentication

Reply via email to