IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Back to discussions
Expand all | Collapse all

SAML with WS-SecurityPolicy WebMethods 8.2

  • 1.  SAML with WS-SecurityPolicy WebMethods 8.2

    Posted Sat June 30, 2012 01:26 AM

    Hello,

    We are trying to implement SAML with WS-SecurityPollicy. We are using SAML “Bearer” confirmation method. However, we are getting ClassCast exception when processing the header.

    There is no documentation provided about supporting Bearer confirmation method. We are using SAML 2.0 tokens. Policy is also configured for SAML 2.0

    Policy is SAML_Authentication —No encryption and No Signature.

    Ex[b]ception

    org.opensaml.saml2.core.impl.SubjectConfirmationDataImpl cannot be cast to org.opensaml.saml2.core.KeyInfoConfirmationDataType[/b]

    <soapenv:Envelope xmlns:lexs=“http://usdoj.gov/leisp/lexs/3.1” xmlns:lexssr=“http://usdoj.gov/leisp/lexs/searchretrieve/3.1” xmlns:ns2=“http://niem.gov/niem/structures/2.0” xmlns:ns3=“http://niem.gov/niem/niem-core/2.0” xmlns:soapenv=“http://schemas.xmlsoap.org/soap/envelope/”>
    soapenv:Header
    <wsse:Security soapenv:mustUnderstand=“1” xmlns:wsse=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd” xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”>
    <wsu:Timestamp wsu:Id=“TS-10”>
    wsu:Created2012-06-29T15:03:08.795Z</wsu:Created>
    wsu:Expires2012-06-29T15:04:08.795Z</wsu:Expires>
    </wsu:Timestamp>

    ISSUER URL
    <ds:Signature xmlns:ds=“XML-Signature Syntax and Processing”>
    ds:SignedInfo
    <ds:CanonicalizationMethod Algorithm=“Exclusive XML Canonicalization Version 1.0”/>
    <ds:SignatureMethod Algorithm=“xmldsig-more namespace”/>
    <ds:Reference URI=“#_d6256236-2241-447f-a4bb-4f7a6092aa06”>
    ds:Transforms
    <ds:Transform Algorithm=“XML-Signature Syntax and Processing”/>
    <ds:Transform Algorithm=“Exclusive XML Canonicalization Version 1.0”/>
    </ds:Transforms>
    <ds:DigestMethod Algorithm=“XML Encryption Syntax and Processing”/>
    ds:DigestValueDigest Value=</ds:DigestValue>
    </ds:Reference>
    </ds:SignedInfo>
    ds:SignatureValueX78zi0DFUopTA+t36XXYvGY1KjmtfxYCZhfcy/rfz8kfBYKmq9AdEc1ISMS9mxVtP9uBEYkmYP53qtBNGfiNWCR+ACKBVVoBEH/YG4rFMRp/1SyF2M28y1bL/QamiGdI/VoR7aJItORygord8XYWWgk4hN/X0ayw=</ds:SignatureValue>

    ds:X509Data ds:X509CertificateCERTAAOCAQEAjO6NytX2xOelrjX7hEuHNrPleDGtUnHtKcoecG09dnusgkv+9/5mQt5lFvrLblktmzMqBujaC4LA4upyb3wkOH1KKyavwlU9LafJOXwD40gD5lsPMH9lTlvxaa1s1bHuQsnTm6D/faMr3Ci3c/eAkIQYJ04iRSve8+GRsy7YcaTf4mUdsTsTQcxzPreGGeiBIu5Avsb8cZ16BdJuuzMDCx/h7KgRC+qvhdtRI/Tvae85HlP1/Xffb2WNz9kUBBtwr4MbY9kDPxISf68Lv1ElP26LLLyG2tJgrdKtS2izElQIbnlCElJMuDXgJJoiHG9PQ6mBCblvDFX9bd7rJlImBg==</ds:X509Certificate>
    </ds:X509Data>

    </ds:Signature>







    Service URL




    CTCISS:IDP:CISS



    </wsse:Security>
    </soapenv:Header>

    Any help is greatly appreciated.


    #webMethods
    #Integration-Server-and-ESB


Related Content