The Source for Java Technology Collaboration
Webmaster Alert: Posting to Jive Forums is currently not working. Estimated time for fix is unknown.

Home » java.net Forums » GlassFish » Metro and JAXB

Thread: Problems with SAML 2.0 and the STSAttributeProvider values

Welcome, Guest Help
Login Login
Guest Settings Guest Settings
This question is answered.

Reply to this Thread Reply to this Thread Search Forum Search Forum Back to Thread List Back to Thread List

Permlink Replies: 4 - Last Post: Feb 4, 2009 10:07 PM by: jdg6688
lindemannralf

Posts: 30
Problems with SAML 2.0 and the STSAttributeProvider values
Posted: Jan 22, 2009 6:59 AM 		 
  Click to reply to this thread Reply

I have a skeleton implementation of STS, WebService and a simple client.
This works so far, but I have to use issue a SAML 2.0 Token in the STS. If I change the TokenType from

<sp:RequestSecurityTokenTemplate>
<wst:KeySize>128</wst:KeySize>
<wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</wst:TokenType>
</sp:RequestSecurityTokenTemplate>

to

<sp:RequestSecurityTokenTemplate>
<wst:KeySize>128</wst:KeySize>
<wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>
<wst:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</wst:TokenType>
</sp:RequestSecurityTokenTemplate>

I receive a SAML 2.0 assertion, but it contains not the expected attributes like "role", "friendlyName" and so on. With the SAML 2.0 version the implention of the 'STSAttributeProvider' doesn't put the attributes into the token.

STSAttributeProvider Source code:

Map<QName, List<String>> attributes = new HashMap<QName, List<String>>();
attributes.put(new QName("http://bos.de", "role"), Arrays.asList("customer"));
attributes.put(new QName("http://sun.com", STSAttributeProvider.NAME_IDENTIFIER), Arrays.asList(userId));
attributes.put(new QName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims", "givenname"),
Arrays.asList("meisengeiger"));
attributes.put(new QName("http://bos.de", "customer"), Arrays.asList("justiz"));
attributes.put(new QName("http://bos.de", "friendlyName"), Arrays.asList(name));

return attributes;

What's wrong?

jdg6688

Posts: 891
Re: Problems with SAML 2.0 and the STSAttributeProvider values
Posted: Jan 22, 2009 8:17 AM   in response to: lindemannralf
Helpful
  Click to reply to this thread Reply

This is a known issue.
We will fix it as soon as possible.

Thanks!

Jiandong

jdg6688

Posts: 891
Re: Problems with SAML 2.0 and the STSAttributeProvider values
Posted: Jan 22, 2009 8:26 AM   in response to: lindemannralf
Correct
  Click to reply to this thread Reply

Ok, an issue is filed.

https://wsit.dev.java.net/issues/show_bug.cgi?id=1083

lindemannralf

Posts: 30
Re: Problems with SAML 2.0 and the STSAttributeProvider values
Posted: Jan 22, 2009 8:33 AM   in response to: jdg6688 		 
  Click to reply to this thread Reply

Thank you very much!

jdg6688

Posts: 891
Re: Problems with SAML 2.0 and the STSAttributeProvider values
Posted: Feb 4, 2009 10:07 PM   in response to: lindemannralf 		 
  Click to reply to this thread Reply

This issue is fixed. Please try with the next nightly and let us know if it works for you:
https://metro.dev.java.net/servlets/ProjectDocumentList?expandFolder=7638&folderID=10314


Point your RSS reader here for a feed of the latest messages in all forums
Go Back Back to Thread List



 XML java.net RSS

  
Feedback  | FAQ  | Press | Terms of Use
Privacy  |  Trademarks | Site Map
 
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Participation.
 
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Collabnet Logo Cognisync Communities
Powered by Sun Microsystems, Inc.,
CollabNet and Cognisync