Renaud created CXF-8567:
---------------------------
Summary: AdviceBean in CXF STS using SAMLTokenProvider
Key: CXF-8567
URL: https://issues.apache.org/jira/browse/CXF-8567
Project: CXF
Issue Type: New Feature
Components: JAX-WS Runtime, STS
Affects Versions: 3.4.4
Reporter: Renaud
In the context of a new project, I need to implement an STS that is able to
generate SAML tokens for users already authenticated. As a result, the SAML
assertion returned by the STS must contain a reference to the SAML assertion sent
in the request.
Similar to the following:
{code:xml}
<saml2:Assertion ID="_78a4e4c6-d394-4c18-89da-7f9eb82dc517"
    IssueInstant="2021-07-22T21:02:16.176Z" Version="2.0"
    xsi:type="saml2:AssertionType"
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  ...
  <saml2:Subject>
    <saml2:NameID
        Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">fPzBicjKXtADawasyp1d1w==</saml2:NameID>
    <saml2:SubjectConfirmation
        Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
  </saml2:Subject>
  <saml2:Conditions NotBefore="2021-07-13T12:07:58.417Z"
      NotOnOrAfter="2021-07-13T14:07:58.417Z"/>
  <saml2:Advice>
    <saml2:AssertionIDRef>_2c84dd7b-728c-4a35-95ed-dc36aeda731e</saml2:AssertionIDRef>
  </saml2:Advice>
  <saml2:AuthnStatement AuthnInstant="2021-07-13T12:07:58.417Z">
    <saml2:AuthnContext>
      <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</saml2:AuthnContextClassRef>
    </saml2:AuthnContext>
  </saml2:AuthnStatement>
  ...
</saml2:Assertion>
{code}
Currently, I implement my own providers using the following interfaces to
populate/customize the generated SAML assertion:
* {{AttributeStatementProvider}}
* {{AuthDecisionStatementProvider}}
* {{AuthenticationStatementProvider}}
* {{ConditionsProvider}}
However, I do not find a mechanism to populate the {{AdviceBean}}.