Colm – maybe I misunderstood, but I don’t see where you can apply a SecurityActionToken to a WSSecSignatureSAML to configure it? I’ve been able to set the signature parts directly on the WSSecSignatureSAML object similar to the way it’s done in WSHandler …
if (requestData.getSignatureToken().getParts().size() > 0) { wsSign.getParts().addAll( requestData.getSignatureToken().getParts() ); } wsSign.build( … ); Is that what you meant? It seems to work, but “work” doesn’t always mean “correct” and I’d rather be as correct as I can be. Thanx, Stephen W. Chappell From: Chappell, Stephen CTR (FAA) Sent: Thursday, June 18, 2015 8:11 AM To: users@ws.apache.org; cohei...@apache.org Subject: RE: WSSecSignatureSAML Well, I’m working with a large existing code base, so extending SAMLTokenSignedAction is most likely not an option, but I’ll look it over and see if it’ll work for me. In the meantime I’ll look over the WSHandler code and look at setting up a SecurityActionToken. Thanx! Stephen W. Chappell From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Thursday, June 18, 2015 5:58 AM To: users@ws.apache.org<mailto:users@ws.apache.org> Subject: Re: WSSecSignatureSAML Could you not extend or change the SAMLTokenSignedAction to do what you want? Failing that, you need to set up the correct SecurityActionToken as WSHandler does, and use this instead to populate WSSecSignatureSAML. Colm. On Thu, Jun 11, 2015 at 8:11 PM, <stephen.ctr.chapp...@faa.gov<mailto:stephen.ctr.chapp...@faa.gov>> wrote: As usual, I see that my question goes pretty far beyond what I thought it did. I have a bit of code that, after issuing a SAML assertion, sets up a WSSecSignatureSAML object in order to sign the message with the private key associated with the assertion. It set up the WSSecSignatureSAML by pulling info from a RequestData object, like the WSSConfig, signature user, relevant algorithms, etc. And it also pulled out the signature parts from RequestData and set them into the WSSecSignatureSAML via setParts() – but that method doesn’t exist anymore. For that matter, there’s no way to set a WSSConfig either. So is there a new/better/different way to set the config and the parts for the WSSecSignatureSAML object, or should I be using something different now? Thanx, Stephen W. Chappell -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com