-
1. Re: JBoss 7.2 Warning:No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}ProtectTokens registered
I am using JBoss 7.2 from GitHub source,and using WS-Policy driven WS-Security with the JBossWS-CXF integration layer.
My understanding is that ProtectTokens assertion is responsible for the token to be signed.
Is the Saml token not being signed because of these recent issues?
If so, will these be integrated soon into jBossWS-cxf and a Jboss version?
https://issues.apache.org/jira/browse/CXF-4789
The policy looks kind of like this:
<Policy HolderOfKey>
.....
<AsymmetricBinding>
<InitiatorToken>
<SamlToken>
........
</SamlToken>
</InitiatorToken>
<sp:AlgorithmSuite>
...
...
</sp:AlgorithmSuite>
<sp:Layout>
---
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:ProtectTokens/>
<sp:/OnlysignHeaderAndBody/>
</AsymmetricBinding>
....
#The following seems optional because of the <wsp:All/>
<wsp:All/>
<wsp:All>
<sp:SignedSupportingTokens>
..
<sp:X509Token
sp:Include.....></sp:X509Token>
....
</sp:SignedSupportingTokens>
</wsp:All>
....
</Policy HolderOfKey>
Thanks
-
2. Re: JBoss 7.2 Warning:No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}ProtectTokens registered
So I switched back to the non-policy way again, and used wss4jinterceptors instead.
Now I have the timestamp, body and saml assertion signed as required by the service providers policy,
but now the SecurityTokenReference does not reference the saml token but the x.509 token.
The STR needs to reference the saml token.
Is there any way using wss4jinterceptors to force the SecurityTokenReference to reference the SAMl token?
Again, using JBOSs 7.2 from GitHub, with all the modules that come with it.
wss4j is 1.6.9.
Thanks