[PicketLink 2.1.10.Final]
When creating a SAML token, I need to set up some namespaces to be in "InclusiveNamespaces PrefixList". They should be preserved by canonicalization.
I do not know how to tell PicketLink to add them.
I expect the following result:
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
      <ec:InclusiveNamespaces PrefixList="akond" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    </ds:CanonicalizationMethod>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#id-31">
      <ds:Transforms>
        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
          <ec:InclusiveNamespaces PrefixList="akond" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </ds:Transform>
      </ds:Transforms>
I need to preserve namespaces which are not "visibly used":
    <saml:AttributeStatement>
      <saml:Attribute Name="auth-code">
        <saml:AttributeValue xsi:type="akond:Code" xmlns:akond="http://schemas.akond.com/sec/500/2015/03/001" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">50360424</saml:AttributeValue>
      </saml:Attribute>
I customize org.picketlink.identity.federation.core.wstrust.PicketLinkSTS
to add our AttributeStatement, then run the standard post-processing on the default handler:
WSTrustRequestHandler handler = this.config.getRequestHandler();
(...)
Document doc = handler.postProcess(asertion, request);
Where/how do I add InclusiveNamespaces?