|
»
»
[jira] Created: (WSS-204) Support validating SAML 2.0 tokens
|
View:
New views
9 Messages
—
Rating Filter:
Alert me
|
 |
[jira] Created: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
Support validating SAML 2.0 tokens
---------------------------------- Key: WSS-204 URL: https://issues.apache.org/jira/browse/WSS-204 Project: WSS4J Issue Type: New Feature Components: WSS4J Core Affects Versions: 1.5.8 Reporter: Thilina Buddhika Assignee: Ruchith Udayanga Fernando With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Updated: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thilina Buddhika updated WSS-204: --------------------------------- Attachment: wss4j.patch With the attached patch, validating SAML2.0 support will be added to WSS4J. > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Ruchith Udayanga Fernando > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Updated: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thilina Buddhika updated WSS-204: --------------------------------- Attachment: wss4j.patch Hi, I have attached an improved version of the SAML 2.0 validation patch. It would be really helpful, if we can get this patch verified and applied since Rampart 1.5 is released with the SAML 2.0 token issuance support. Thanks. /thilina > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Ruchith Udayanga Fernando > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Updated: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thilina Buddhika updated WSS-204: --------------------------------- Attachment: (was: wss4j.patch) > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Ruchith Udayanga Fernando > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Updated: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated WSS-204: ------------------------------------ Fix Version/s: 1.6 1.5.9 Assignee: Colm O hEigeartaigh (was: Ruchith Udayanga Fernando) > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Colm O hEigeartaigh > Fix For: 1.5.9, 1.6 > > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Commented: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12770907#action_12770907 ] Colm O hEigeartaigh commented on WSS-204: ----------------------------------------- Hi Thilina, Can you look into writing some unit tests for this functionality? Colm. > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Colm O hEigeartaigh > Fix For: 1.5.9, 1.6 > > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Commented: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12770995#action_12770995 ] Thilina Buddhika commented on WSS-204: -------------------------------------- Hi Colm, Sure thing, I will provide unit tests for SAML2 Validation soon. Thanks. /thilina > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Colm O hEigeartaigh > Fix For: 1.5.9, 1.6 > > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Commented: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12771383#action_12771383 ] Colm O hEigeartaigh commented on WSS-204: ----------------------------------------- Some comments on the patch... Could you change the opensaml 1.1 groupId to org.opensaml and the artifactId to opensaml1? That's where it is in the central maven repo: http://repo1.maven.org/maven2/org/opensaml/opensaml1/ A "mvn clean install" does not compile, as the central maven repo doesn't seem to have this dependency: org.opensaml:openws:jar:1.2.2. That will need to make it in before I can apply the patch. Some trivial things: the headers need some work...most of the dates are wrong, there are tabs in the pom file, etc. Looking at the SAML2TokenProcessor, it follows the previous SAML 1 processor in adding the result as an unsigned token. Have you given any thought to improving the logic for adding the token as "signed" or "unsigned" depending on whether it's a signed assertion or not? Colm. > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Colm O hEigeartaigh > Fix For: 1.5.9, 1.6 > > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
|
|
[jira] Commented: (WSS-204) Support validating SAML 2.0 tokens
by JIRA jira@apache.org
::
Rate this Message:
[ https://issues.apache.org/jira/browse/WSS-204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12771394#action_12771394 ] Thilina Buddhika commented on WSS-204: -------------------------------------- Sure, I will update the pom.xml with the corrected artifact id for OpenSAML 1.1. Yes, I followed the same approach as SAMLTokenProcessor in SAML2TokenProcessor as the first step. Definitely we can improve this to add token as signed and unsigned and validate the signatures(if the token is signed). Also Hakon has done an implementation to validate the signature of the message [1]. So shall we keep this as the first step and then improve it later ? I will provide a modified patch with the other changes you suggested. Thanks. /thilina [1] - http://mail-archives.apache.org/mod_mbox/ws-rampart-dev/200910.mbox/%3Cd535d76f0910210509i421b0004w3e55fb598211f92e@...%3E > Support validating SAML 2.0 tokens > ---------------------------------- > > Key: WSS-204 > URL: https://issues.apache.org/jira/browse/WSS-204 > Project: WSS4J > Issue Type: New Feature > Components: WSS4J Core > Affects Versions: 1.5.8 > Reporter: Thilina Buddhika > Assignee: Colm O hEigeartaigh > Fix For: 1.5.9, 1.6 > > Attachments: wss4j.patch > > > With the patch submitted for Rampart-231, SAML 2.0 support will be available for Rampart. That patch only generates SAML 2.0 tokens as per the SAML Token Profile 1.1 specification. SAML 2.0 validation support is mandatory for the full completion of SAML 2.0 support in Rampart. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscribe@... For additional commands, e-mail: wss4j-dev-help@... |
| Free embeddable forum powered by Nabble | Forum Help |
