Enveloped Signature for SAML (XML) WSS Entry

Hello all,

I am struggling to create SAML 2 assertions with enveloped signatures.

Adding a SAML (Form) element and checking the box "signed" in the outgoing ws-security configuration creates an enveloped signatuer, but the form does not allow me to add attributes like "SPProvidedID" or a AttributeStatement block.

Using a SAML (XML) element containing the desired Assertion followed by a signature element creates a Signature block outside the Assertion element, i.e. the signature is not enveloped.

Putting a Security header including the Assertion element in the original request XML and using only a signature element in the outgoing configuration either yields an error about SoapUI not being able to find the to be signed element, or the original Security header is replaced rather than amended. And thus the Assertion is removed from the request.

Is it possible at all to create enveloped signatures for arbitrary SAML Assertion elements?

TIA!