Thanks Glen, I guess it's time to look into Rampart.

cheers,
md

> -----Original Message-----
> From: Glen Mazza [mailto:[EMAIL PROTECTED]
> Sent: Friday, June 15, 2007 4:51 PM
> To: [email protected]
> Subject: Re: Axis2 and SAML
>
> I unfortunately don't know much yet about Rampart, but apparently it
> already incorporates openSAML (see second question/response here:
> http://wso2.org/library/695). Since you are interested in security I
> would guess you should be using Rampart immediately anyway, because you
> would want to encrypt the username/password, etc., correct?
>
> Glen
>
> On Friday, 15.06.2007, at 16:36 -0400, [EMAIL PROTECTED] wrote:
> > Hi,
> >
> > I'm working on a single-sign-on service for our organization's
> > intranet. The idea is that an application can send a username,
> > password and application identifier to the service, and the service
> > responds with a list of permissions that the user has for the
> > particular application.
> >
> > Just to get started, I created a service that returns a string from
> > which I can parse out what I need. But I'm wondering if I could gain
> > anything (such as greater interoperability) by using a standard such
> > as SAML to represent a user and his/her permissions.
> >
> > I see that there is a framework for working with SAML:
> > http://www.opensaml.org/
> >
> > Does this sound reasonable or am I heading in the wrong direction?
> > Will I end up with a schema nightmare if I return a SAML XML document
> > as a service payload? BTW, I plan on writing the client and server by
> > hand, because later I will probably want to add Rampart and have more
> > control over headers and stuff.
> >
> > Thanks
> > Michael Davis
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
