SamlTokenIssuer adds X509Data element to KeyValue

Thu, 04 Oct 2007 09:00:25 -0700 

Hi all,
Running sample 05 of secure conversation (ws-trust) in rampart shows that the 
returned SAML assertion has the X509Data element included as the child of 
KeyValue element. But shouldn't it be included under the KeyInfo element 
instead?

This is actually throwing off the processing in SamlUtil.java when this 
assertion is sent to a service that expects a SamlToken.

Can someone please confirm?
Thanks,
Murali

---- snippet of the SAML Assertion ------

<AuthenticationStatement 
xmlns:axis2ns345="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:axis2ns356="urn:oasis:names:tc:SAML:1.0:assertion" 
AuthenticationInstant="2007-10-04T15:32:37.765Z" 
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
                     <Subject 
xmlns:axis2ns357="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:axis2ns346="urn:oasis:names:tc:SAML:1.0:assertion">
                        <NameIdentifier 
xmlns:axis2ns358="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:axis2ns347="urn:oasis:names:tc:SAML:1.0:assertion" 
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">CN=Sample 
Client, OU=Rampart, O=Apache, L=Colombo, ST=Western, C=LK</NameIdentifier>
                        <SubjectConfirmation 
xmlns:axis2ns348="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:axis2ns359="urn:oasis:names:tc:SAML:1.0:assertion">
                           <ConfirmationMethod 
xmlns:axis2ns360="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:axis2ns349="urn:oasis:names:tc:SAML:1.0:assertion">urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</ConfirmationMethod>
                           
                              
                                 
                                   
 
MIICTDCCAbUCBEbJZMQwDQYJKoZIhvcNAQEEBQAwbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDAgFw0wNzA4MjAwOTU0MTJaGA8yMDYyMDUyMzA5NTQxMlowbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhjQp2NJRUrAEsPYIlg26m34O16E6WkyBWMbkSvy/FJQoNg2HSOtqF/DHmej7qqJCDtiHtdZqCTOo28cpyB3XJ0g6y23ADTy1v7qUjYieF4Bn3p9QFtyznUmKyZ6hK4CjGraYvcDgjRlnPkfeyVnNamkzJB7TVRaLkumRlxHgxm0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQBNLSbNEaGBj8GBoXWBndY3JFvblPvI2mDbtZsNiggGOCezyAufGe6RnR3s5DjR5YQqPcMiDtlskFQm4/SRN2Yh16E6l7LfsOhGQsPiPrDrci4T18pz1eDLSrtJiiBah1NdeISaD0kpoUiaNKiQiu16JCnxc8tGSw3nSPg44aLYmA'>http://www.w3.org/2000/09/xmldsig#";>MIICTDCCAbUCBEbJZMQwDQYJKoZIhvcNAQEEBQAwbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1
UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDAgFw0wNzA4MjAwOTU0MTJaGA8yMDYyMDUyMzA5NTQxMlowbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhjQp2NJRUrAEsPYIlg26m34O16E6WkyBWMbkSvy/FJQoNg2HSOtqF/DHmej7qqJCDtiHtdZqCTOo28cpyB3XJ0g6y23ADTy1v7qUjYieF4Bn3p9QFtyznUmKyZ6hK4CjGraYvcDgjRlnPkfeyVnNamkzJB7TVRaLkumRlxHgxm0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQBNLSbNEaGBj8GBoXWBndY3JFvblPvI2mDbtZsNiggGOCezyAufGe6RnR3s5DjR5YQqPcMiDtlskFQm4/SRN2Yh16E6l7LfsOhGQsPiPrDrci4T18pz1eDLSrtJiiBah1NdeISaD0kpoUiaNKiQiu16JCnxc8tGSw3nSPg44aLYmA==
                                 </X509Data>
                              </KeyValue>
                           </KeyInfo>
                        </SubjectConfirmation>
                     </Subject>
                  </AuthenticationStatement>

-------- end snippet ------------------




      
____________________________________________________________________________________
Luggage? GPS? Comic books? 
Check out fitting gifts for grads at Yahoo! Search
http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz

Reply via email to