Hi, If you want to configure claims you can use the callback mechanism as in this test case[1].
If you want to obtain Username/passowrd then you can do it as specified here[2]. You can look at this class for more different types of results[3] Thank you, Dimuthu [1]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java [2]http://wso2.org/library/169 [3]https://svn.apache.org/repos/asf/webservices/wss4j/trunk/src/org/apache/ws/security/WSSecurityEngineResult.java On Fri, 2007-10-05 at 10:07 +0200, Massimiliano Masi wrote: > Hi all, > > I am trying to setup a webservice that acts as WS-Trust STS with rampart. > I've a design question. > > Clients sends the authentication claim in the wsse:Security element in the > header (claims such as Username/Password, SAML Tokens, Kerberos and > X.509 binary secrets). Based on the identity carried in this wsse:Security, > the STS decide to issue or not the security token (that is my own > implementation > of SAML2). > > Now I'm thinking: the wsse:Security element is detached by a module (that I > will write I think, to get all my claims processed). But, detaching the > header, I don't know anymore the identity of the user! So, I thought to > put in the header of the SOAP message something like > <identity>userIdentity</identity> > so the STS implementation can have the information on the identity of the > user (and can decide to issue a token). > > Have you other ideas? Does it looks good for you? Have you any pattern? > I'll appreciate your hints! > > > Thank you! > > > > > ---------------------------------------------------------------- > This message was sent using IMP, the Internet Messaging Program. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > -- http://wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
