Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] encrypted assertions with higgins saml2 util library 
Hi Tor,
Higgins STS does encryption of SAML tokens by adding TokenEncryptHandler to the ExtensionList of SAMLIssue 

http://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/plugins/org.eclipse.higgins.sts.binding.axis1x.service/WebContent/ConfigurationFiles/ManagedConfiguration.xml
<!-- Consumes incoming credentials and generates a Provider Signed SAML Token --> 
			<Setting Name="SAMLIssue" Type="htf:map">
				<Setting Name="ExtensionList" Type="htf:list">
<Setting Name="First" Type="xsd:string">DigitalIdentityHandler</ Setting> <Setting Name="Third" Type="xsd:string">TokenGeneratorHandler</ Setting> <Setting Name="Fourth" Type="xsd:string">TokenEncryptHandler</ Setting> 
				</Setting>
			</Setting>

		.......
<!-- The name of the class that provides the factory for the class that implements the Apache XML Security Extension --> <Setting Name="XMLSecurityExtension" Type = "htf:singleton "> org .eclipse .higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtensionFactory</ Setting>
You may not be able to use org.eclipse.higgins.sts.server.token.encrypt as it is but if you look at 

http://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/plugins/org.eclipse.higgins.sts.server.token.encrypt/src/org/eclipse/higgins/sts/server/token/encrypt/TokenEncryptHandler.java

you might get an idea how it is done and use the similar approach
final org.eclipse.higgins.sts.api.IElement elemEncryptedRequestedSecurityToken = xmlSecurity.EncryptElement 
	    		("saml:Assertion",
	    		elemRequestedSecurityToken,
	    		strAppliesToIdentityCertificate);
The above call is using another project org.eclipse.higgins.sts.xmlsecurity.apache to do the actual encryption. 

Is that you are looking for?

-Jeesmon

On Jun 4, 2009, at 5:29 AM, Torgeir Veimo wrote:


Hi,

I have a need to implement support for encrypted assertion replies in
the higgins saml2 utility library.

I'm currently using a library called saml2api
(http://sourceforge.net/projects/saml2api/), which builds upon an
older version of the higgins library, and which doesn't support
encrypted assertions. I was thinking about updating saml2api to use
the current higging saml2 library (version 1.0.600?), then implement
encrypted assertions.

I was wondering if anyone on this list have looked into supporting
this already?

--
-Tor
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Back to the top