There is some limited SAML Token support in the current CXF release. There will be much better support in the forthcoming CXF 2.4.0 release, as it will pick up WSS4J 1.6, which will have full support for SAML 2 assertions.
Using a SAML Token as an Endorsing Token seems like an unusual use-case to me, which I doubt the security policy runtime supports. I would expect it to work for a Supporting, or SignedSupporting, policy assertion though. The WS-SecurityPolicy stuff is so complicated that really the best way to see if something is supported is to try it, and then log a JIRA if it doesn't seem like it's supported. Colm. On Thu, Mar 3, 2011 at 7:35 PM, Morris Jr, David P <[email protected]> wrote: > Is there SamlToken support in WS-Policy in the current release of CXF? Or is > this still under development? > > Example: > <wsp:Policy> > ... > <sp:EndorsingSupportingTokens> > <wsp:Policy> > <sp:SamlToken > > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> > <wsp:Policy> > <sp:WssSamlV20Token11 /> > </wsp:Policy> > </sp:SamlToken> > </wsp:Policy> > </sp:EndorsingSupportingTokens> > ... > </wsp:Policy> > >
