RE: WSSecSignatureSAML

Thu, 18 Jun 2015 12:53:15 -0700 

Colm – maybe I misunderstood, but I don’t see where you can apply a 
SecurityActionToken to a WSSecSignatureSAML to configure it? I’ve been able to 
set the signature parts directly on the WSSecSignatureSAML object similar to 
the way it’s done in WSHandler …

if (requestData.getSignatureToken().getParts().size() > 0) {
            wsSign.getParts().addAll( 
requestData.getSignatureToken().getParts() );
}
wsSign.build( … );

Is that what you meant? It seems to work, but “work” doesn’t always mean 
“correct” and I’d rather be as correct as I can be.

Thanx,

Stephen W. Chappell

From: Chappell, Stephen CTR (FAA)
Sent: Thursday, June 18, 2015 8:11 AM
To: users@ws.apache.org; cohei...@apache.org
Subject: RE: WSSecSignatureSAML

Well, I’m working with a large existing code base, so extending 
SAMLTokenSignedAction is most likely not an option, but I’ll look it over and 
see if it’ll work for me.

In the meantime I’ll look over the WSHandler code and look at setting up a 
SecurityActionToken. Thanx!


Stephen W. Chappell

From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: Thursday, June 18, 2015 5:58 AM
To: users@ws.apache.org<mailto:users@ws.apache.org>
Subject: Re: WSSecSignatureSAML


Could you not extend or change the SAMLTokenSignedAction to do what you want? 
Failing that, you need to set up the correct SecurityActionToken as WSHandler 
does, and use this instead to populate WSSecSignatureSAML.
Colm.

On Thu, Jun 11, 2015 at 8:11 PM, 
<stephen.ctr.chapp...@faa.gov<mailto:stephen.ctr.chapp...@faa.gov>> wrote:
As usual, I see that my question goes pretty far beyond what I thought it did. 
I have a bit of code that, after issuing a SAML assertion, sets up a 
WSSecSignatureSAML object in order to sign the message with the private key 
associated with the assertion. It set up the WSSecSignatureSAML by pulling info 
from a RequestData object, like the WSSConfig, signature user, relevant 
algorithms, etc. And it also pulled out the signature parts from RequestData 
and set them into the WSSecSignatureSAML via setParts() – but that method 
doesn’t exist anymore. For that matter, there’s no way to set a WSSConfig 
either. So is there a new/better/different way to set the config and the parts 
for the WSSecSignatureSAML object, or should I be using something different now?

Thanx,

Stephen W. Chappell



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to