Hi Christina, Check the contents under "Setting up a Security Token Service" available at [1] if you want to set up Rahas. Another sample is available at [2].
If you want to supply your own name identifier in the SAML token please implement the CallbackHanlder like this[3] and specify it in the <saml-config> as follows <dataCallbackHandlerClass>org.apache.rahas.MySAMLDataProvider</dataCallbackHandlerClass> Whole lot of test cases are available at [4], but I don't know how reader-friendly they are. There is also a concept of "TokenCallbackHandler". I will check whether it is possible to add a SAML token using this concept without using Rahas. Cheers, Dimuthu. [1]http://ws.apache.org/rampart/quick-start.html [2]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample05/ [3]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java [3]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas/ On 8/14/07, Christina Larocca <[EMAIL PROTECTED]> wrote: > Hi all Axis2 users: > > I have been managing some web services using UsernameTokens (without using > rampart) to convey identities. I've a client that connects to a Token issuer > service that provides it an EndpointReference and the Username token needed > to authenticate. Now I must remodelate the security of the whole model and > instead of that, SAML tokens with encryption of the user name and signature > will be used. The last axis2 version I've been using was the 1.1 and now I'm > thinking about updating to the newest one and start using rampart. > > I have read that, unfortunatelly, Rampart itself can't be configured to add > the SAML token to the Security header and that it delegates those functions > to a STS called Rahas. The documentation I found about Rahas is very weak > and despite my experience I don't have a clue about where or how to start. > Could anyone indicate me where to find a good tutorial or use examples? Or, > even better, could anyone show me some code to generate the tokens? If it's > possible, I would prefer to config rahas with code instead of creating text > config files. > > Thanks in advance. > > Christina. > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
