[SWS-955] Ability to configure SAML callback in Wss4jInterceptor Created: 14/Apr/16  Updated: 30/Oct/17  Resolved: 30/Oct/17

Status: Closed
Project: Spring Web Services
Component/s: Security
Affects Version/s: 2.4.0
Fix Version/s: 3.0.0.RELEASE

Type: Improvement Priority: Minor
Reporter: jaminh Assignee: Greg Turnquist
Resolution: Complete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Pull Request URL: https://github.com/spring-projects/spring-ws/pull/100

 Description   

In order to secure messages with SAML a method for configuring a SAML callback needs to be added. Also I was getting errors when I didn't set the validationActions because the validationActionsVector didn't get initialized.



 Comments   
Comment by jaminh [ 14/Apr/16 ]

I originally commented about this on https://jira.spring.io/browse/SWS-886 but since that has been included in the recent 2.3.0 release I made a new issue for it. I also have an updated pull request https://github.com/spring-projects/spring-ws/pull/68

Comment by jaminh [ 14/Dec/16 ]

I made some updates for this Jira. Since there is a separate issue (SWS-961) for the validation actions issue I split that out. I also added JUnit tests for creating and validating a SAML assertion. These changes can be found here https://github.com/jaminh/spring-ws/tree/feature/SWS-955-961. It is probably worth noting that I had to exclude the old version of opensaml that gets included with wss4j 1.6, it seems like everything still builds but if people are using SAML with the old wss4j they would likely have to exclude the new opensaml dependencies and include the old opensaml in their project.

Comment by jaminh [ 20/Apr/17 ]

I tried adding JUnit tests for securing messages with SAML in the Wss4jInterceptor and I ran into issues when OpenSAML gets initialized and both opensaml-2 and opensaml-3 are on the classpath. In order to deal with this issue I think it might be best to separate the WSS4J 2 classes into a separate project so that the old version of opensaml can be excluded. I have an example of this here https://github.com/jaminh/spring-ws/tree/feature/SWS-955-new.

Generated at Sat Dec 16 15:03:43 UTC 2017 using JIRA 6.4.14#64029-sha1:ae256fe0fbb912241490ff1cecfb323ea0905ca5.