Thanks for your quick response. I'm going to put the examples to work. Regards.
Christina. 2007/8/14, Ruchith Fernando <[EMAIL PROTECTED]>: > > Hi Christina, > > Rampart supports adding SAML Tokens to the security header in the > policy based implementation. You can see an example here : > > http://marc.info/?l=axis-user&m=118665642802630&w=2 > > By the way note that this requires the service to express it > requirements in policy and this sample uses the token acquired from > the Security Token Service to encrypt and sign the message. > > I'm not sure what you mean by "...SAML tokens with encryption of the > user name and signature will be used ...". Please check whether the > above sample fits your requirement. > > Thanks, > Ruchith > > On 8/14/07, Christina Larocca <[EMAIL PROTECTED]> wrote: > > Hi all Axis2 users: > > > > I have been managing some web services using UsernameTokens (without > using > > rampart) to convey identities. I've a client that connects to a Token > issuer > > service that provides it an EndpointReference and the Username token > needed > > to authenticate. Now I must remodelate the security of the whole model > and > > instead of that, SAML tokens with encryption of the user name and > signature > > will be used. The last axis2 version I've been using was the 1.1 and now > I'm > > thinking about updating to the newest one and start using rampart. > > > > I have read that, unfortunatelly, Rampart itself can't be configured to > add > > the SAML token to the Security header and that it delegates those > functions > > to a STS called Rahas. The documentation I found about Rahas is very > weak > > and despite my experience I don't have a clue about where or how to > start. > > Could anyone indicate me where to find a good tutorial or use examples? > Or, > > even better, could anyone show me some code to generate the tokens? If > it's > > possible, I would prefer to config rahas with code instead of creating > text > > config files. > > > > Thanks in advance. > > > > Christina. > > > > > > > -- > www.ruchith.org > www.wso2.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
