[
https://issues.apache.org/jira/browse/CXF-8567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
subigre updated CXF-8567:
-------------------------
Description:
In the context of a new project, I need to implement an STS that generates some
SAML tokens for users already authenticated.
As a result, the SAML assertion returned by the STS must contain a reference to
the SAML assertion sent in the request.
{code:xml}
<saml2:Assertion ID="_78a4e4c6-d394-4c18-89da-7f9eb82dc517"
    IssueInstant="2021-07-22T21:02:16.176Z" Version="2.0"
    xsi:type="saml2:AssertionType"
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  ...
  <saml2:Subject>
    <saml2:NameID
        Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">fPzBicjKXtADawasyp1d1w==</saml2:NameID>
    <saml2:SubjectConfirmation
        Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
  </saml2:Subject>
  <saml2:Conditions NotBefore="2021-07-13T12:07:58.417Z"
      NotOnOrAfter="2021-07-13T14:07:58.417Z"/>
  <saml2:Advice>
    <saml2:AssertionIDRef>_2c84dd7b-728c-4a35-95ed-dc36aeda731e</saml2:AssertionIDRef>
  </saml2:Advice>
  <saml2:AuthnStatement AuthnInstant="2021-07-13T12:07:58.417Z">
    <saml2:AuthnContext>
      <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</saml2:AuthnContextClassRef>
    </saml2:AuthnContext>
  </saml2:AuthnStatement>
  ...
</saml2:Assertion>
{code}
Currently, I implement my own providers using the following interfaces to
populate/customize the rest of the SAML assertion:
* {{AttributeStatementProvider}}
* {{AuthDecisionStatementProvider}}
* {{AuthenticationStatementProvider}}
* {{ConditionsProvider}}
However, I do not find a mechanism to populate the {{AdviceBean}}.
> AdviceBean in CXF STS using SAMLTokenProvider
> ---------------------------------------------
>
> Key: CXF-8567
> URL: https://issues.apache.org/jira/browse/CXF-8567
> Project: CXF
> Issue Type: New Feature
> Components: JAX-WS Runtime, STS
> Affects Versions: 3.4.4
> Reporter: subigre
> Priority: Major
>
> In the context of a new project, I need to implement an STS that generates
> some SAML tokens for users already authenticated.
> As a result, the SAML assertion returned by the STS must contain a reference to
> the SAML assertion sent in the request.
>
> {code:xml}
> <saml2:Assertion ID="_78a4e4c6-d394-4c18-89da-7f9eb82dc517"
>     IssueInstant="2021-07-22T21:02:16.176Z" Version="2.0"
>     xsi:type="saml2:AssertionType"
>     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
>     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>   ...
>   <saml2:Subject>
>     <saml2:NameID
>         Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">fPzBicjKXtADawasyp1d1w==</saml2:NameID>
>     <saml2:SubjectConfirmation
>         Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
>   </saml2:Subject>
>   <saml2:Conditions NotBefore="2021-07-13T12:07:58.417Z"
>       NotOnOrAfter="2021-07-13T14:07:58.417Z"/>
>   <saml2:Advice>
>     <saml2:AssertionIDRef>_2c84dd7b-728c-4a35-95ed-dc36aeda731e</saml2:AssertionIDRef>
>   </saml2:Advice>
>   <saml2:AuthnStatement AuthnInstant="2021-07-13T12:07:58.417Z">
>     <saml2:AuthnContext>
>       <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</saml2:AuthnContextClassRef>
>     </saml2:AuthnContext>
>   </saml2:AuthnStatement>
>   ...
> </saml2:Assertion>
> {code}
>
> Currently, I implement my own providers using the following interfaces to
> populate/customize the rest of the SAML assertion:
> * {{AttributeStatementProvider}}
> * {{AuthDecisionStatementProvider}}
> * {{AuthenticationStatementProvider}}
> * {{ConditionsProvider}}
> However, I do not find a mechanism to populate the {{AdviceBean}}.
>