Bug 1017219
Summary: | Add digital signatures to SAML assertions in Overlord SAML Bearer Token Auth | ||
---|---|---|---|
Product: | [JBoss] JBoss Fuse Service Works 6 | Reporter: | Eric Wittmann <eric.wittmann> |
Component: | DT Governance | Assignee: | Nobody <nobody> |
Status: | VERIFIED --- | QA Contact: | Matej Melko <mmelko> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | unspecified | CC: | ldimaggi, sbunciak, soa-p-jira |
Target Milestone: | CR1 | ||
Target Release: | 6.0.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | Type: | Bug | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Eric Wittmann
2013-10-09 13:00:05 UTC
The overlord apps now support digitally signing the SAML Assertions when performing SAML Bearer Token authentication. This must be configured in both the clients (sramp-ui.properties, dtgov-ui.properties, gadget-server.properties, etc) and on the server (standalone.xml). A java keystore must be created and populated with a keypair used to sign the saml assertions (client-side) and to verify the signature (server-side). This has been documented in mojo to be referenced by interested/relevant parties. Assigning to thauser to complete the prod installer changes. I believe I missed this one. This should definitely be present in any post beta build. I believe I missed this one. This should definitely be present in any post beta build. Verified in FSW 6.0.0.CR1 |