[ https://issues.apache.org/jira/browse/WSS-622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16357059#comment-16357059 ]
Zsolt Fatér edited comment on WSS-622 at 2/8/18 3:40 PM: --------------------------------------------------------- I am missing the Envelope/Header/Security/Assertion/Subject/SubjectConfirmation/NameID Here is an example: {code:xml} <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1"> <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_a01e102a-93f8-4f80-830b-14935b65b452" IssueInstant="2018-02-08T14:57:57.069Z" Version="2.0" xsi:type="saml2:AssertionType"> <saml2:Issuer>anyk</saml2:Issuer> <saml2:Subject> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" NameQualifier="subjectNameQualifier">subjectNameQualifierValue</saml2:NameID> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> <!-- I am missing this part --> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" NameQualifier="confirmationNameQualifier">confirmationNameQualifier</saml2:NameID> </saml2:SubjectConfirmation> </saml2:Subject> <saml2:Conditions NotBefore="2018-02-08T14:57:57.070Z" NotOnOrAfter="2018-02-08T15:02:57.070Z"/> </saml2:Assertion> </wsse:Security> </soap:Header> <soap:Body> <ns3:dataRequest xmlns:ns3="namespace" /> </soap:Body> </soap:Envelope> {code} I was attached a patch, which is solved my problem. The patch is base on wss2j 2.2.1 version. _Edited_ I was make a pull request on github: https://github.com/apache/wss4j/pull/9 was (Author: zsoltii): I am missing the Envelope/Header/Security/Assertion/Subject/SubjectConfirmation/NameID Here is an example: {code:xml} <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1"> <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_a01e102a-93f8-4f80-830b-14935b65b452" IssueInstant="2018-02-08T14:57:57.069Z" Version="2.0" xsi:type="saml2:AssertionType"> <saml2:Issuer>anyk</saml2:Issuer> <saml2:Subject> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" NameQualifier="subjectNameQualifier">subjectNameQualifierValue</saml2:NameID> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> <!-- I am missing this part --> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" NameQualifier="confirmationNameQualifier">confirmationNameQualifier</saml2:NameID> </saml2:SubjectConfirmation> </saml2:Subject> <saml2:Conditions NotBefore="2018-02-08T14:57:57.070Z" NotOnOrAfter="2018-02-08T15:02:57.070Z"/> </saml2:Assertion> </wsse:Security> </soap:Header> <soap:Body> <ns3:dataRequest xmlns:ns3="namespace" /> </soap:Body> </soap:Envelope> {code} I was attached a patch, which is solved my problem. The patch is base on wss2j 2.2.1 version. > from SAMLCallback no possible setting SAML2 SubjectConfirmation.NameID > ----------------------------------------------------------------------- > > Key: WSS-622 > URL: https://issues.apache.org/jira/browse/WSS-622 > Project: WSS4J > Issue Type: Wish > Components: WSS4J Handlers > Affects Versions: 2.2.0 > Reporter: Zsolt Fatér > Assignee: Colm O hEigeartaigh > Priority: Minor > Attachments: > WSS4J_WSS-622_from_SAMLCallback_no_passible_setting_SAML2_SubjectConfirmation_NameID.patch > > > In the SAMLCallback class doesn't possible to set the SAML2 > SubjectConfirmation class NameID attribute. > It will be good, if setting will be same then SubjectConfirationData setting. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For additional commands, e-mail: dev-h...@ws.apache.org