SAML with WS-SecurityPolicy WebMethods 8.2

Hello,

We are trying to implement SAML with WS-SecurityPollicy. We are using SAML “Bearer” confirmation method. However, we are getting ClassCast exception when processing the header.

There is no documentation provided about supporting Bearer confirmation method. We are using SAML 2.0 tokens. Policy is also configured for SAML 2.0

Policy is SAML_Authentication —No encryption and No Signature.

Exception

org.opensaml.saml2.core.impl.SubjectConfirmationDataImpl cannot be cast to org.opensaml.saml2.core.KeyInfoConfirmationDataType

<soapenv:Envelope xmlns:lexs=“http://usdoj.gov/leisp/lexs/3.1” xmlns:lexssr=“http://usdoj.gov/leisp/lexs/searchretrieve/3.1” xmlns:ns2=“http://niem.gov/niem/structures/2.0” xmlns:ns3=“http://niem.gov/niem/niem-core/2.0” xmlns:soapenv=“http://schemas.xmlsoap.org/soap/envelope/”>
soapenv:Header
<wsse:Security soapenv:mustUnderstand=“1” xmlns:wsse=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd” xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”>
<wsu:Timestamp wsu:Id=“TS-10”>
wsu:Created2012-06-29T15:03:08.795Z</wsu:Created>
wsu:Expires2012-06-29T15:04:08.795Z</wsu:Expires>
</wsu:Timestamp>

ISSUER URL
<ds:Signature xmlns:ds=“http://www.w3.org/2000/09/xmldsig#”>
ds:SignedInfo
<ds:CanonicalizationMethod Algorithm=“http://www.w3.org/2001/10/xml-exc-c14n#”/>
<ds:SignatureMethod Algorithm=“xmldsig-more namespace”/>
<ds:Reference URI="#_d6256236-2241-447f-a4bb-4f7a6092aa06">
ds:Transforms
<ds:Transform Algorithm=“http://www.w3.org/2000/09/xmldsig#enveloped-signature”/>
<ds:Transform Algorithm=“http://www.w3.org/2001/10/xml-exc-c14n#”/>
</ds:Transforms>

Digest Value=
</ds:Reference>
</ds:SignedInfo>
ds:SignatureValueX78zi0DFUopTA+t36XXYvGY1KjmtfxYCZhfcy/rfz8kfBYKmq9AdEc1ISMS9mxVtP9uBEYkmYP53qtBNGfiNWCR+ACKBVVoBEH/YG4rFMRp/1SyF2M28y1bL/QamiGdI/VoR7aJItORygord8XYWWgk4hN/X0ayw=</ds:SignatureValue>

ds:X509Data ds:X509CertificateCERTAAOCAQEAjO6NytX2xOelrjX7hEuHNrPleDGtUnHtKcoecG09dnusgkv+9/5mQt5lFvrLblktmzMqBujaC4LA4upyb3wkOH1KKyavwlU9LafJOXwD40gD5lsPMH9lTlvxaa1s1bHuQsnTm6D/faMr3Ci3c/eAkIQYJ04iRSve8+GRsy7YcaTf4mUdsTsTQcxzPreGGeiBIu5Avsb8cZ16BdJuuzMDCx/h7KgRC+qvhdtRI/Tvae85HlP1/Xffb2WNz9kUBBtwr4MbY9kDPxISf68Lv1ElP26LLLyG2tJgrdKtS2izElQIbnlCElJMuDXgJJoiHG9PQ6mBCblvDFX9bd7rJlImBg==</ds:X509Certificate>
</ds:X509Data>

</ds:Signature>







Service URL




CTCISS:IDP:CISS



</wsse:Security>
</soapenv:Header>

Any help is greatly appreciated.

8.2.2 Core Fix 2 resolved this issue.