coheigea wrote > If I am understanding you correctly, the scenario is that you have an STS > issuing a (signed?) SenderVouches Assertion, and you expect the CXF client > to generate a new Signature, that signs the SAML Assertion via a > STR-Transform. Is this correct?
Yes, that's correct, the STS issues a signed SenderVouches Assertion (via onBehalfOf). In fact, I basically want the exact same output as org.apache.cxf.systest.wssec.examples.saml.SamlTokenTest.testAsymmetricSigned(), except for it to use the issued token from the STS instead of generating it's own token. coheigea wrote > I you send the SecurityPolicy you are using I can take a look to see if > it's easy to implement. Sure, I have adapted the "DoubleItAsymmetricSignedPolicy" policy to include the IssuedToken component from "DoubleItSymmetricIssuedTokenPolicy" and called it DoubleItAsymmetricIssuedTokenPolicy.xml <http://cxf.547215.n5.nabble.com/file/n5738672/DoubleItAsymmetricIssuedTokenPolicy.xml> . Thanks, Joel -- View this message in context: http://cxf.547215.n5.nabble.com/STR-Transform-for-IssuedToken-in-WS-Policy-tp5738605p5738672.html Sent from the cxf-user mailing list archive at Nabble.com.
