August 2009 - jboss-identity-issues

[JBoss JIRA] Created: (JBID-160) IDPWebBrowserSSOValve: by default sign outgoing messages and ignore incoming signatures

by Marcel Kolsteren (JIRA)

IDPWebBrowserSSOValve: by default sign outgoing messages and ignore incoming signatures --------------------------------------------------------------------------------------- Key: JBID-160 URL: https://jira.jboss.org/jira/browse/JBID-160 Project: JBoss Identity Issue Type: Feature Request Affects Versions: IDFED-1.0.0.alpha4 Reporter: Marcel Kolsteren Assignee: Anil Saldhana The current version of IDPWebBrowserSSOValve has a supportSignature property that controls the use of signatures. When signature support is on (which is the default), the outgoing messages are signed, while incoming messages are rejected if they don't have a valid signature. In the Web Browser SSO profile, where the SP is the relying party, it is very important that the SP validates the authenticity and integrity of authentication responses received from the IDP. The other way around, it is less important for the IDP to validate incoming messages. Therefore, the IDPWebBrowserSSOValve should at least have support for the situation where only the outgoing messages are signed. Therefore, the intention is to replace the supportSignature property with two properties: - ignoreIncomingSignatures (default: true) - signOutgoingMessages (default: true) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 4 months

2
4
0 / 0

[JBoss JIRA] Created: (JBID-161) Support for Seam Service Providers

by Marcel Kolsteren (JIRA)

Support for Seam Service Providers ---------------------------------- Key: JBID-161 URL: https://jira.jboss.org/jira/browse/JBID-161 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Affects Versions: IDENTITY-1.0.0.alpha5 Reporter: Marcel Kolsteren Assignee: Anil Saldhana Seam applications can already play the role of SAMLv2 Service Providers, by using the Tomcat SP valves supplied by JBID: http://www.jboss.org/community/wiki/SeamIntegrationWithJBossIdentity The disadvantage of this solution is that it relies on servlet security mechanisms that need to be specified in web.xml. In order to improve the ease of integrating Seam applications with JBID (for the Service Provider part), a specific Seam binding needs to be added to JBID. This binding should at least support the SP part of the Web Browser SSO Profile, using the HTTP-POST binding for authentication requests as well as for authentication responses. It should also support validation of message-level signatures received from the IDP. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 4 months

1
1
0 / 0

[JBoss JIRA] Created: (JBID-159) Disable JAXB Schema validation when marshalling SAML2Response

by Marcel Kolsteren (JIRA)

Disable JAXB Schema validation when marshalling SAML2Response ------------------------------------------------------------- Key: JBID-159 URL: https://jira.jboss.org/jira/browse/JBID-159 Project: JBoss Identity Issue Type: Feature Request Components: Identity-Federation Affects Versions: IDFED-1.0.0.alpha4 Reporter: Marcel Kolsteren Assignee: Anil Saldhana Use a non-validating marshaller by default for SAML2 responses. It should be possible to turn validation on by setting the system property "org.jboss.identity.jaxb.schema.validation". This has been implemented before for SAML2 requests (see JBID-54). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 4 months

2
2
0 / 0

[JBoss JIRA] Created: (JBID-155) Consolidated Build: Create IDM Dependency pack

by Anil Saldhana (JIRA)

Consolidated Build: Create IDM Dependency pack ----------------------------------------------- Key: JBID-155 URL: https://jira.jboss.org/jira/browse/JBID-155 Project: JBoss Identity Issue Type: Task Components: Community-Build Reporter: Anil Saldhana Assignee: Jeff Yu Jeff, we need to create a zip of IDM dependency pack just the way we do for OpenID. Please take a look at how we do it for openid in: https://svn.jboss.org/repos/jbossidentity/consolidated-build/trunk/ Just create a module such as jboss-identity-idm and have the assembly plugin build up the zip. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 4 months

2
3
0 / 0

[JBoss JIRA] Created: (JBID-158) IDFedLSInputResolver should have the ws-t schemas

by Anil Saldhana (JIRA)

IDFedLSInputResolver should have the ws-t schemas ------------------------------------------------- Key: JBID-158 URL: https://jira.jboss.org/jira/browse/JBID-158 Project: JBoss Identity Issue Type: Sub-task Components: Identity-Federation Affects Versions: IDENTITY-1.0.0.alpha5 Reporter: Anil Saldhana Assignee: Anil Saldhana Fix For: IDFED-1.0.0.beta1 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 4 months

1
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

jboss-identity-issues August 2009