Sorry, I was busy with some lectures yesterday. You are talking about
the following scenario, right? This is possible with Rampart, but
the third step is not done by Rampart by default. Normally Rampart tries
to validate the token by itself, but this can be done with little
effort.

thanks,
Nandana

1.) WS - A  ---- credentials ------------------------------->  STS - A
            <--- SAML2 (signed by STS - A) ------------------

2.) WS - A  ---- SAML2 (signed by STS - A) ------------------>  WS - B

3.) WS - B  ---- SAML2 (signed by STS - A) / validate ------->  STS - B

4.) WS - A  <--- response -----------------------------------  WS - B

On Tue, Sep 29, 2009 at 10:30 AM, Francesco Stampacchia
<[email protected]> wrote:
> Hello Nandana,
> Have you got some news about the question I asked you yesterday?
>
> Thanks.
>
> 2009/9/28 Francesco Stampacchia <[email protected]>
>>
>> I've got a WSC on domain A that has to access a WS on domain B.
>> WSC would present its credentials to its local STS and so obtains a SAML2
>> Assertion.
>> Then the newly generated assertion is sent to the WS.
>> The WS will present the received assertion to its STS in order to validate
>> it. Validation will be successful only if both STS are federated.
>>
>> Thanks
>>
>> 2009/9/28 Nandana Mihindukulasooriya <[email protected]>
>>>
>>> Yes, it is possible to use Rampart for trust operation and by default
>>> Rampart comes with a token issuer, renewer, validator and canceller
>>> for SAML tokens. What exactly is your scenario?
>>>
>>> thanks,
>>> Nandana
>>>
>>>
>>> ---------- Forwarded message ----------
>>> From: Francesco Stampacchia <[email protected]>
>>> Date: Mon, Sep 28, 2009 at 1:00 PM
>>> Subject: WS-Trust with Rampart
>>> To: [email protected]
>>>
>>>
>>> It is possible to exploit WS-Trust operations with the new Rampart
>>> release?!
>>> If so, could you point me to some references or best practices?!
>>>
>>> Thanks
>>>
>>> --
>>> Francesco Stampacchia
>>
>>
>>
>> --
>> Francesco Stampacchia
>
>
>
> --
> Francesco Stampacchia
>
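
Step 3 of the flow in this thread (WS-B handing the received assertion to STS-B for validation), sketched as an added example; it is not part of the thread and not Rampart code. It assumes the WS-Trust 1.3 namespace and its Validate binding; the function names and sample messages are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"  # assumption: WS-Trust 1.3
SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion"
VALID = WST + "/status/valid"
RSTR_ROOTS = {f"{{{WST}}}RequestSecurityTokenResponse",
              f"{{{WST}}}RequestSecurityTokenResponseCollection"}

def build_validate_rst(assertion_xml: str) -> str:
    """Step 3, request side: wrap the assertion received from WS-A for STS-B."""
    if ET.fromstring(assertion_xml).tag != f"{{{SAML2}}}Assertion":
        raise ValueError("ValidateTarget must be a SAML2 assertion")
    # Embed the original text verbatim: re-serialising through ElementTree
    # rewrites namespace prefixes, which would break STS-A's signature.
    body = re.sub(r"^\s*<\?xml[^>]*\?>", "", assertion_xml)
    return (f'<wst:RequestSecurityToken xmlns:wst="{WST}">'
            f"<wst:TokenType>{WST}/RSTR/Status</wst:TokenType>"
            f"<wst:RequestType>{WST}/Validate</wst:RequestType>"
            f"<wst:ValidateTarget>{body}</wst:ValidateTarget>"
            "</wst:RequestSecurityToken>")

def sts_says_valid(rstr_xml: str) -> bool:
    """Step 3, response side: fail closed unless STS-B returns exactly one
    Status/Code and it is the WS-Trust 'valid' URI."""
    try:
        root = ET.fromstring(rstr_xml)
    except ET.ParseError:
        return False
    if root.tag not in RSTR_ROOTS:
        return False
    codes = [(c.text or "").strip() for c in root.iter(f"{{{WST}}}Code")]
    return codes == [VALID]

# Constructed sample data (unsigned placeholder assertion, not a real token).
SAMPLE_ASSERTION = (f'<saml2:Assertion xmlns:saml2="{SAML2}" ID="_constructed" '
                    'Version="2.0"><saml2:Issuer>STS-A</saml2:Issuer></saml2:Assertion>')

def sample_rstr(code: str) -> str:
    return (f'<wst:RequestSecurityTokenResponse xmlns:wst="{WST}"><wst:Status>'
            f"<wst:Code>{WST}/status/{code}</wst:Code></wst:Status>"
            "</wst:RequestSecurityTokenResponse>")

if __name__ == "__main__":
    print(build_validate_rst(SAMPLE_ASSERTION))
    print(sts_says_valid(sample_rstr("valid")), sts_says_valid(sample_rstr("invalid")))
```

WS-B should only send the response of step 4 when the status check returns true; a missing, duplicated or unparseable status is treated as a rejection.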
