[
https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12882580#action_12882580
]
Jonathan Whitall commented on WSS-204:
--------------------------------------
I'm interested in processing a SAML 2 token as signed and am willing to
contribute time to this.
I'll be the first to admit that I'm not a WS-Security expert, but would a
reasonable approach be to traverse the DOM tree to find the Signature element
and delegate to the SignatureProcessor? Then, depending on its result, indicate
whether the SAML token is signed or unsigned (or possibly throw an exception)?
Just some thoughts.
> Support validating SAML 2.0 tokens
> ----------------------------------
>
> Key: WSS-204
> URL: https://issues.apache.org/jira/browse/WSS-204
> Project: WSS4J
> Issue Type: New Feature
> Components: WSS4J Core
> Affects Versions: 1.5.8
> Reporter: Thilina Buddhika
> Assignee: Colm O hEigeartaigh
> Fix For: 1.5.9, 1.6
>
> Attachments: wss4j.patch
>
>
> With the patch submitted for Rampart-231, SAML 2.0 support will be available
> for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token
> Profile 1.1 specification. SAML 2.0 validation support is mandatory for the
> full completion of SAML 2.0 support in Rampart.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org
For additional commands, e-mail: wss4j-dev-h...@ws.apache.org
