[higgins-dev] STS Question: X509 Certificate in token signature

Mike,

Here is the defect I logged for this issue:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=192277

>>>>

Mike,
 
Currently, the Higgins STS I have deployed issues a SAML token where the signature of the token contains the issuer's public key, as follows:
 
<Signature>
   ...
   <KeyInfo>
      ...
      <RSAKeyValue>
         <Modulus>...</Modulus>
         <Exponent>...</Exponent>
 
I have been asked about having the X509 certificate sent so that the token issuer can be verified by the RP.  I believe the signature would then look something like the following (I don't know the exact structure, but I think this is close):
 
<Signature>
   ...
   <KeyInfo>
      ...
      <X509Certificate>
         ...
      </X509Certificate>
 
Is this possible in the Higgins STS?  If so, how do I go about enabling it in our deployment of the STS?
 
Thanks,

Daniel
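
A relying-party-side check for the two KeyInfo shapes discussed above, as an added example that is not part of the original message and not Higgins code. It assumes the RP trusts issuers by a pinned SHA-256 fingerprint of the certificate (an assumption; validating the chain to a trusted CA is the other common choice), and it does not verify the signature value itself. The function name, the pin set and the sample documents are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET  # for untrusted input, prefer a hardened parser such as defusedxml

DS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML-DSig namespace


def classify_key_info(signature_xml, pinned_sha256):
    """Return (kind, trusted) for the ds:KeyInfo inside a ds:Signature.

    kind is "x509", "rsa-key-value" or "none". trusted is True only when an
    embedded certificate matches a fingerprint the RP already holds; a bare
    RSAKeyValue identifies a key, not an issuer, so it is never trusted here.
    """
    root = ET.fromstring(signature_xml)
    key_info = root.find(f".//{DS}KeyInfo")
    if key_info is None:
        return ("none", False)
    cert = key_info.find(f".//{DS}X509Certificate")
    if cert is not None and cert.text:
        # The element carries base64 DER, possibly wrapped across lines.
        der = base64.b64decode("".join(cert.text.split()))
        return ("x509", hashlib.sha256(der).hexdigest() in pinned_sha256)
    if key_info.find(f".//{DS}RSAKeyValue") is not None:
        return ("rsa-key-value", False)
    return ("none", False)


# Constructed sample data: these bytes stand in for a DER certificate.
FAKE_DER = b"constructed-bytes-not-a-real-certificate"
PINS = {hashlib.sha256(FAKE_DER).hexdigest()}
NS = 'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"'

X509_SIG = (
    f"<ds:Signature {NS}><ds:KeyInfo><ds:X509Data><ds:X509Certificate>"
    f"{base64.b64encode(FAKE_DER).decode()}"
    "</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>"
)
RSA_SIG = (
    f"<ds:Signature {NS}><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue>"
    "<ds:Modulus>AA==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent>"
    "</ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature>"
)

if __name__ == "__main__":
    print(classify_key_info(X509_SIG, PINS))  # certificate present and pinned
    print(classify_key_info(RSA_SIG, PINS))   # bare public key only
```

A certificate carried in the token is only a claim until it is matched against something the RP already trusts, which is why the unpinned case returns False.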
 



