[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [higgins-dev] encrypted assertions with higgins saml2 util library
|
Hi Tor,
Higgins STS does encryption of SAML tokens by adding
TokenEncryptHandler to the ExtensionList of SAMLIssue
http://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/plugins/org.eclipse.higgins.sts.binding.axis1x.service/WebContent/ConfigurationFiles/ManagedConfiguration.xml
<!-- Consumes incoming credentials and generates a Provider Signed
SAML Token -->
<Setting Name="SAMLIssue" Type="htf:map">
<Setting Name="ExtensionList" Type="htf:list">
<Setting Name="First" Type="xsd:string">DigitalIdentityHandler</
Setting>
<Setting Name="Third" Type="xsd:string">TokenGeneratorHandler</
Setting>
<Setting Name="Fourth" Type="xsd:string">TokenEncryptHandler</
Setting>
</Setting>
</Setting>
.......
<!-- The name of the class that provides the factory for the class
that implements the Apache XML Security Extension -->
<Setting Name="XMLSecurityExtension"
Type
=
"htf:singleton
">
org
.eclipse
.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtensionFactory</
Setting>
You may not be able to use
org.eclipse.higgins.sts.server.token.encrypt as it is but if you look at
http://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/plugins/org.eclipse.higgins.sts.server.token.encrypt/src/org/eclipse/higgins/sts/server/token/encrypt/TokenEncryptHandler.java
you might get an idea how it is done and use the similar approach
final org.eclipse.higgins.sts.api.IElement
elemEncryptedRequestedSecurityToken = xmlSecurity.EncryptElement
("saml:Assertion",
elemRequestedSecurityToken,
strAppliesToIdentityCertificate);
The above call is using another project
org.eclipse.higgins.sts.xmlsecurity.apache to do the actual encryption.
Is that you are looking for?
-Jeesmon
On Jun 4, 2009, at 5:29 AM, Torgeir Veimo wrote:
Hi,
I have a need to implement support for encrypted assertion replies in
the higgins saml2 utility library.
I'm currently using a library called saml2api
(http://sourceforge.net/projects/saml2api/), which builds upon an
older version of the higgins library, and which doesn't support
encrypted assertions. I was thinking about updating saml2api to use
the current higging saml2 library (version 1.0.600?), then implement
encrypted assertions.
I was wondering if anyone on this list have looked into supporting
this already?
--
-Tor
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
Attachment:
smime.p7s
Description: S/MIME cryptographic signature