[jboss-jira] [JBoss JIRA] Updated: (JBID-138) JBoss STS - implement proof-of-possession token logic
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Tue Sep 15 11:58:25 EDT 2009
[ https://jira.jboss.org/jira/browse/JBID-138?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Anil Saldhana updated JBID-138:
-------------------------------
Fix Version/s: IDFED-1.0.0.beta3
(was: IDFED-1.0.0.beta2)
> JBoss STS - implement proof-of-possession token logic
> -----------------------------------------------------
>
> Key: JBID-138
> URL: https://jira.jboss.org/jira/browse/JBID-138
> Project: JBoss Identity
> Issue Type: Task
> Components: Identity-Federation
> Affects Versions: IDFED-1.0.0.alpha3
> Reporter: Stefan Guilhen
> Assignee: Stefan Guilhen
> Fix For: IDFED-1.0.0.beta3
>
>
> The WS-Trust specification defines the concept of a proof-of-possession token, that is, a token that can be used to verify the association between a security token and a subject. We must add support for proof tokens, both symmetric (secret key) and assymetric (certificate based). The proof must no only be included in the WS-Trust response, but also in the security tokens being generated by each token provider.
> Once this has been implemented, we must change the SAML20TokenProvider so it adds the appropriate proof token to the assertion being created.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list