On Jun 3, 2013, at 11:03 AM, DTaylor <[email protected]> wrote: > We're now attempting to utilize WS-SecureConversation and SAML tokens for > negotiating security sessions in our applications. > > Currently, we are on CXF 2.6.2 (we are looking at moving to CXF 2.7.5) and > are curious about the status about WS-SecureConversation with a set of SAML > assertions. > > We are curious about the status of WS-SecureConversation and SAML assertions > and, if relevant, accessing the SAML assertions. > > As far as the status of WS-SC & SAML assertions, from this Jira: CXF-4457 > <https://issues.apache.org/jira/browse/CXF-4457> , it appears as though the > use of a SAML token with WS-SecureConversation is not currently supported by > CXF.
I think that JIRA needs closing. I'll double check. Thanks for the pointer. > However, we also came across this Jira: CXF-4977 > <https://issues.apache.org/jira/browse/CXF-4977> which seems to indicate > that WS-SecureConversation with WS-Trust is now supported in CXF post 2.6.2. > Is it accurate to assume this is now supported or is it only partially > supported or not at all? Well, with 2.6.2, it would be partially supported. It's likely with config, you can get the SAML stuff to work to get the WS-SecureConversation token. However, after the initial negotiation of the token, you would not have access to the SAML token again as we would not have recorded it in the session. Thus, if you need to make any decisions within your own code about actions to take based on the SAML assertion, you would not be able to. You would need to update to 2.7.5 for that support. > If it is supported, the other question we have is in regards to accessing > the claims from the SAML assertions. Is there some manner to access the > SAML assertions in the interceptor chain, or will we need to create a custom > method of accessing the assertions? Once you get to 2.7.5, you should be able to grab the principal and such from the context. I think that is fine, but Colm would definitely need to weigh in on this. (although it's a public holiday in Ireland today) Dan > > Thanks, > > Dan > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/WS-SecureConversation-and-SAML-assertions-tp5728643.html > Sent from the cxf-user mailing list archive at Nabble.com. -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
