Hi

A follow-up question to this answer, hope it's okay. Is it the SAMLTokenProcessor class in the wss4j lib that validates the SAML 1 token in Rampart?

cheers, Håkon

2009/3/20 Nandana Mihindukulasooriya <[email protected]>

> How does your custom token get validated ? Have you added a custom handler
> for that ? WSS4J has a map of processors registered with the QName of the
> header block in the security header. So if we can register a processor for
> your custom header, then we can get this problem solved. Yes, at present we
> expect a SAML token when there is Issued Token as a supporting token in the
> policy. This should be improved to look for any type of custom token. We need
> to find a way to register a custom processor with a QName in WSS4J and then
> we can improve Rampart Configuration to have those configuration data. If you
> are willing to do these improvements, I can help and guide you to do that.
>
> thanks,
> Nandana
>
> 2009/3/20 Håkon Sagehaug <[email protected]>
>
> Hi
>>
>> Any tips on this issue?
>>
>> cheers, Håkon
>>
>> 2009/3/17 Håkon Sagehaug <[email protected]>
>>
>> Hi all
>>>
>>> I've got a service that accepts a custom token from a sts service, but
>>> when I call my end service after injecting the custom token into my header I
>>> always get
>>>
>>> org.apache.axis2.AxisFault: SAML Token missing in request
>>>
>>> reply from my service. So I was wondering what does Rampart look for when
>>> trying to extract the custom token? Is it that the value of TokenType, a
>>> namespace containing the element in my case, that must be the same as one of
>>> the elements in the soap header. I had a look at the code where the
>>> exception is thrown, in PolicyBasedResultsValidator#handleSupportingTokens
>>>
>>> else if ( token instanceof IssuedToken ) {
>>>     //TODO is is enough to check for ST_UNSIGNED results ??
>>>     WSSecurityEngineResult samlResult =
>>>             WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
>>>     if(samlResult == null) {
>>>         throw new RampartException("samlTokenMissing");
>>>     }
>>> }
>>>
>>> So if I got it correct is that it checks for unsigned saml tokens, but
>>> since my issued token is not a SAML token I've got a problem. Maybe the TODO
>>> has something to do with it
>>>
>>> Any tips on how to solve this?
>>>
>>> cheers, Håkon
>>>
>>>
>>> --
>>> Håkon Sagehaug, Scientific Programmer
>>> Parallab, Bergen Center for Computational Science (BCCS)
>>> UNIFOB AS (University of Bergen Research Company)
>>>
>>
>>
>>
>> --
>> Håkon Sagehaug, Scientific Programmer
>> Parallab, Bergen Center for Computational Science (BCCS)
>> UNIFOB AS (University of Bergen Research Company)
>>
>
>

--
Håkon Sagehaug, Scientific Programmer
Parallab, Bergen Center for Computational Science (BCCS)
UNIFOB AS (University of Bergen Research Company)
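
Added example, not part of the thread and not WSS4J or Rampart code: a simplified model of the behaviour discussed above, showing why a custom issued token ends in "samlTokenMissing" and what the proposed improvement would change. Every class, constant and namespace in it is hypothetical, and it assumes that header elements with no registered processor produce no result.

```java
import javax.xml.namespace.QName;
import java.util.*;
import java.util.function.Function;

// Simplified model only. None of these types are WSS4J or Rampart classes;
// all names and namespaces below are hypothetical or constructed.
public class SupportingTokenModel {
    static final int ST_UNSIGNED = 1;   // stand-in for WSConstants.ST_UNSIGNED
    static final int CUSTOM_TOKEN = 99; // hypothetical action for a custom token

    // QName of a security-header child -> processor returning an action code.
    static final Map<QName, Function<String, Integer>> processors = new HashMap<>();

    static final QName SAML1 =
        new QName("urn:oasis:names:tc:SAML:1.0:assertion", "Assertion");
    // Constructed namespace standing in for the custom token's element.
    static final QName CUSTOM = new QName("urn:example:custom-token", "MyToken");

    // Assumption: elements with no registered processor yield no result.
    static List<Integer> processHeader(List<QName> headerChildren) {
        List<Integer> results = new ArrayList<>();
        for (QName child : headerChildren) {
            Function<String, Integer> p = processors.get(child);
            if (p != null) results.add(p.apply(child.getLocalPart()));
        }
        return results;
    }

    // Models the quoted check: fail unless an accepted action is in the results.
    static void validateIssuedToken(List<Integer> results, Set<Integer> accepted) {
        for (int action : results) if (accepted.contains(action)) return;
        throw new IllegalStateException("samlTokenMissing");
    }

    public static void main(String[] args) {
        processors.put(SAML1, name -> ST_UNSIGNED);
        List<QName> header = List.of(CUSTOM);
        try { // As described: the custom element is skipped, validation fails.
            validateIssuedToken(processHeader(header), Set.of(ST_UNSIGNED));
        } catch (IllegalStateException e) {
            System.out.println("before: " + e.getMessage());
        }
        // Proposed improvement: register a processor for the custom QName and
        // let the validator accept its action. A real processor would have to
        // verify the token (issuer, signature) before reporting a result.
        processors.put(CUSTOM, name -> CUSTOM_TOKEN);
        validateIssuedToken(processHeader(header), Set.of(ST_UNSIGNED, CUSTOM_TOKEN));
        System.out.println("after: custom token accepted");
    }
}
```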
