I can't see the assertion in the header of the message. Could it be because
this information is encrypted?

The SOAP message is the following:


<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
  <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
      <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-18655235">
        <wsu:Created>2008-02-11T08:29:14.629Z</wsu:Created>
        <wsu:Expires>2008-02-11T08:34:14.629Z</wsu:Expires>
      </wsu:Timestamp>
      <xenc:EncryptedKey Id="EncKeyId-9949215">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <wsse:SecurityTokenReference>
            <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue>NS8hopFGnXC0p1Wma5EppZyhltrqoG/Xc6awAEYNoP8ZG7OCIbss4n9EbiKvE/Cc7qoJaJF7hbjp0fpTASStbb4/mABDSw6ZhYmS5VOgZpKnSyiX1DVeyWpXZkJmw2pFfZwXwlV0Z7zL05+TtY+fA/ofPBlUCnrBJFYOaeUYMlA=</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedKey>
      <xenc:ReferenceList/>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-18871350">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
          <ds:Reference URI="#Id-14721926">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>kTTbXVwC6Hqhw+aPoSClk+I1MQ8=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#Timestamp-18655235">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>QL1srEXsHEJxBVvISWC6qqC135Q=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>Pl4+PwCkehIyXTKWaruQTsS7gGE=</ds:SignatureValue>
        <ds:KeyInfo Id="KeyId-14301726">
          <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-18725445">
            <wsse:Reference URI="#EncKeyId-9949215" ValueType="http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-soap-message-security-1.1#EncryptedKey"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
    <wsa:To>http://localhost:8081/axis2/services/sample05?wsdl</wsa:To>
    <wsa:MessageID>urn:uuid:7CD0DAE693C1E94AFF1202718554608</wsa:MessageID>
    <wsa:Action>urn:echo</wsa:Action>
  </soapenv:Header>
  <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-14721926">
    <ns1:echo xmlns:ns1="http://sample05.policy.samples.rampart.apache.org">
      <param0>Hello world1</param0>
    </ns1:echo>
  </soapenv:Body>
</soapenv:Envelope>



2008/2/12, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > I've some doubts about SAML with axis2. I need to know if the sample05
> > covers all the SAML cases.
>
> No, it covers only one scenario. For example, this uses a SAML token as a
> supporting token. There are other scenarios where a SAML token can be
> used as a protection token, where it will be used to sign and encrypt
> messages.
>
> > We first receive the SAML token response, then we indicate, in the
> > options, the responseToken id.
> > I don't know where we are sending to the server the SAML assertion in
> > the soapMessage
>
> When the id is set, Rampart message builders add the assertion to the
> security header according to the security policy. If you monitor the
> messages exchanged through TCPMon, then you can actually see the SAML
> assertion in the security header of the SOAP request to the service.
>
> > Another thing is to know what are the requestSecurityToken parameters.
>
> In the client, we set these parameters using an RST template.
>
>    private static OMElement getRSTTemplate() throws Exception {
>        OMFactory fac = OMAbstractFactory.getOMFactory();
>        // Root element of the RequestSecurityToken template
>        OMElement elem = fac.createOMElement(
>                SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
>        // Token type: SAML 1.0
>        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem)
>                .setText(RahasConstants.TOK_TYPE_SAML_10);
>        // Key type: public key
>        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
>                RahasConstants.KEY_TYPE_PUBLIC_KEY);
>        // Key size: 256
>        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
>        return elem;
>    }
>
> These parameters are defined in the WS Trust specification [1].
>
> /nandana
>
> [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>

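One way to check a captured request such as the one posted above for a SAML token (an added example, not part of the original thread and not Rampart code): a clear assertion is an Assertion element in a SAML namespace, while an encrypted header element is replaced by xenc:EncryptedData and listed as an xenc:DataReference. The function name, verdict strings and the three shortened sample envelopes are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
XENC = "http://www.w3.org/2001/04/xmlenc#"
SAML_PREFIX = "urn:oasis:names:tc:SAML:"  # prefix of the SAML 1.x and 2.0 assertion namespaces

def inspect_security_header(soap_xml):
    """Summarise a wsse:Security header and classify how (or whether) it carries a SAML token."""
    root = ET.fromstring(soap_xml)
    sec = root.find(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    if sec is None:
        return {"children": [], "data_refs": [], "verdict": "no-security-header"}
    children = [el.tag.rsplit("}", 1)[-1] for el in sec]  # local names, document order
    # Clear-text token: an <Assertion> element in a SAML namespace.
    plain = [el for el in sec.iter()
             if el.tag.startswith("{" + SAML_PREFIX) and el.tag.endswith("}Assertion")]
    # Encrypted header content: xenc:EncryptedData inside the header,
    # referenced from a ReferenceList by xenc:DataReference.
    enc = list(sec.iter(f"{{{XENC}}}EncryptedData"))
    refs = [r.get("URI") for r in sec.iter(f"{{{XENC}}}DataReference")]
    if plain:
        verdict = "assertion-in-clear"
    elif enc:
        verdict = "encrypted-header-element"
    else:
        verdict = "no-assertion"
    return {"children": children, "data_refs": refs, "verdict": verdict}

def _envelope(extra):
    # Constructed sample: header layout of the posted message, values shortened.
    return (f'<soapenv:Envelope xmlns:soapenv="{SOAP}" xmlns:xenc="{XENC}">'
            f'<soapenv:Header><wsse:Security xmlns:wsse="{WSSE}">'
            '<xenc:EncryptedKey Id="EncKeyId-1"><xenc:CipherData>'
            '<xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey>'
            f'{extra}</wsse:Security></soapenv:Header><soapenv:Body/></soapenv:Envelope>')

AS_POSTED = _envelope('<xenc:ReferenceList/>')  # empty list, as in the message above
WITH_ENCRYPTED_TOKEN = _envelope(
    '<xenc:ReferenceList><xenc:DataReference URI="#EncDataId-1"/></xenc:ReferenceList>'
    '<xenc:EncryptedData Id="EncDataId-1"><xenc:CipherData>'
    '<xenc:CipherValue>BBBB</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>')
WITH_CLEAR_TOKEN = _envelope(
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="a1"/>')

if __name__ == "__main__":
    for name in ("AS_POSTED", "WITH_ENCRYPTED_TOKEN", "WITH_CLEAR_TOKEN"):
        print(name, inspect_security_header(globals()[name]))
```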