 
                                        
                                
                         
                        
                                
                                
                                        
                                                
                                        
                                        
                                        [JBoss JIRA] Created: (JBID-189) Add 'TokenElement' and 'TokenElementNS' to the SAML20TokenPovider in jboss-sts.xml
                                
                                
                                
                                    
                                        by Daniel Bevenius (JIRA)
                                    
                                
                                
                                        Add 'TokenElement' and 'TokenElementNS' to the SAML20TokenPovider in jboss-sts.xml
----------------------------------------------------------------------------------
                 Key: JBID-189
                 URL: https://jira.jboss.org/jira/browse/JBID-189
             Project: JBoss Identity
          Issue Type: Task
            Reporter: Daniel Bevenius
            Assignee: Anil Saldhana
            Priority: Minor
To get token validation to work using a SAML assertion I needed to add the TokenElement and TokenElementNS to jboss-sts.xml:
<TokenProvider ProviderClass="org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
            TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
            TokenElement="Assertion"
            TokenElementNS="urn:oasis:names:tc:SAML:2.0:assertion"/>
Without this in jboss-sts.xml no provider will be found and a NullPointerException will be thrown:
16:44:11,343 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
java.lang.NullPointerException
	at org.jboss.identity.federation.core.wstrust.StandardRequestHandler.validate(StandardRequestHandler.java:336)
	at org.jboss.identity.federation.bindings.jboss.wstrust.JBossSTS.handleTokenRequest(JBossSTS.java:142)
	at org.jboss.identity.federation.bindings.jboss.wstrust.JBossSTS.invoke(JBossSTS.java:90)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Perhaps a check in StandardRequestHandler that gives some more info would help:
if (provider == null)
          throw new WSTrustException("No SecurityTokenProvider configured for " + securityToken.getNamespaceURI() + ":" + securityToken.getLocalName());
 
-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
        
                                
                         
                        
                                
                        
                        
                 
         
 
        
            
        
        
        
                
                        
                                
                                 
                                        
                                
                         
                        
                                
                                
                                        
                                                
                                        
                                        
                                        [JBoss JIRA] Created: (JBID-188) Update package name of SAML20TokenProvider in jboss-sts.xml
                                
                                
                                
                                    
                                        by Daniel Bevenius (JIRA)
                                    
                                
                                
                                        Update package name of SAML20TokenProvider in jboss-sts.xml
-----------------------------------------------------------
                 Key: JBID-188
                 URL: https://jira.jboss.org/jira/browse/JBID-188
             Project: JBoss Identity
          Issue Type: Task
            Reporter: Daniel Bevenius
            Assignee: Anil Saldhana
            Priority: Trivial
The current package name is:
<TokenProvider ProviderClass="org.jboss.identity.federation.api.wstrust.plugins.saml.SAML20TokenProvider"
I believe that the package name has changed to:
<TokenProvider ProviderClass="org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider"
This can be found in jboss-identity-webapps/jboss-sts/src/resources/jboss-sts.xml. I was unsure about the Component to which this module belongs so I've left that option as 'Unknown'. Same goes for the versions.
                        
                        
                 
         
 
        
            
        
        
        
            
        
        
        
                
                        
                                
                                 
                                        
                                
                         
                        
                                
                                
                                        
                                                
                                        
                                        
                                        [JBoss JIRA] Created: (JBID-137) JBoss STS - improve the configuration to allow for general properties to be specified for each token provider
                                
                                
                                
                                    
                                        by Stefan Guilhen (JIRA)
                                    
                                
                                
                                        JBoss STS - improve the configuration to allow for general properties to be specified for each token provider
-------------------------------------------------------------------------------------------------------------
                 Key: JBID-137
                 URL: https://jira.jboss.org/jira/browse/JBID-137
             Project: JBoss Identity
          Issue Type: Task
          Components: Identity-Federation
    Affects Versions: IDFED-1.0.0.alpha3
            Reporter: Stefan Guilhen
            Assignee: Stefan Guilhen
             Fix For: IDFED-1.0.0.alpha4
JBoss STS does not currently provide a way to specify general properties for a token provider. A token provider may be configurable (for example, a provider may take a URL of a third-party service or repository) and the configuration schema must be changed to allow the specification of properties.
The token providers should also be associated with the token element (namespace and local name) besides the token type. The reason for doing this is that validation/renewing/cancellation requests do not specify the token type explicitly so it must be inferred by the token element. The only way for the STS to figure out which provider should be used to validate the token is by having an association between token elements and providers. Something like:
<TokenProvider ProviderClass="...." TokenType="..." TokenNamespace="urn:...." TokenName="Assertion">
    <Property name="..." value="..."/>
    <Property name="..." value="..."/>
</TokenProvider>
A final note about configuration is about the need for the TruststoreAlias attribute of the ServiceProvider. The alias of each service provider can be configured through the ValidatingAlias element of KeyProvider, so we may just make the TruststoreAlias attribute optional.
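The element-to-provider association described in JBID-137, combined with the explicit "no provider" check suggested in JBID-189, as an added sketch that is not JBoss Identity code. `TokenProviderRegistry` and its methods are hypothetical names, the provider is represented only by its class name, and the two sample tokens are constructed.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;

// Hypothetical registry, not the JBoss Identity API: maps a token's root
// element (namespace + local name) to the configured provider class name.
public class TokenProviderRegistry {
    private final Map<QName, String> byElement = new HashMap<>();

    public void register(String tokenElementNS, String tokenElement, String providerClass) {
        byElement.put(new QName(tokenElementNS, tokenElement), providerClass);
    }

    // Validate/renew/cancel requests carry no TokenType, so the lookup key is
    // the element itself. An unknown element is rejected with a descriptive
    // error instead of handing null back to the request handler.
    public String providerFor(Element securityToken) {
        QName key = new QName(securityToken.getNamespaceURI(), securityToken.getLocalName());
        String provider = byElement.get(key);
        if (provider == null)
            throw new IllegalStateException("No SecurityTokenProvider configured for " + key);
        return provider;
    }

    static Element parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // required for getNamespaceURI()/getLocalName()
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
    }

    public static void main(String[] args) throws Exception {
        TokenProviderRegistry registry = new TokenProviderRegistry();
        registry.register("urn:oasis:names:tc:SAML:2.0:assertion", "Assertion",
                "org.jboss.identity.federation.core.wstrust.plugins.saml.SAML20TokenProvider");
        // Constructed sample tokens: one matching the registration, one not.
        Element saml = parse("<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"/>");
        Element other = parse("<t:Custom xmlns:t=\"urn:example:token\"/>");
        System.out.println(registry.providerFor(saml));
        try { registry.providerFor(other); }
        catch (IllegalStateException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```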