Hi Nuria,
> I've some doubts about SAML with axis2. I need to know if the sample05
> covers all the the SAML cases.
No, it covers only one scenario. For example, this uses SAML token as a
supporting token. There is another scenarios where SAML token can be
used as a protection token where it will be used to sign and encrypt
messages.
> We first receive the SAML token response then we indicate, in the options
> the responseToken id
> I don't know where we are sending to the server the SAML assertion in the
> soapMessage
When the id is set, Rampart message builders add the assertion to the security
header according to the security policy. If you monitor the messages exchanged
through TCPMon, then you can actually see the SAML assertion in the security
header of the SOAP request to the service.
> Another thing is to know what are the requestSecurityToken parameters.
In the client, we set these parameters using RST template.
private static OMElement getRSTTemplate() throws Exception {
OMFactory fac = OMAbstractFactory.getOMFactory();
OMElement elem =
fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
elem).setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
RahasConstants.KEY_TYPE_PUBLIC_KEY);
TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
return elem;
}
These parameters are defined in the WS Trust specification [1].
/nandana
[1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
