Re: SAML with Axis2

Tue, 12 Feb 2008 01:58:10 -0800 

Hi Nandana,

I've a doubt about the STS. Do the service and client limited to deploy the
rahas module to use STS or they can use different type of SAML Authority?.
If the SAML authority is not STS could our client connect to this SAML
authority or is limited to the STS?

Thanks, Nuria




2008/2/12, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > I've some doubts about SAML with axis2. I need to know if the sample05
> > covers all the the SAML cases.
>
> No, it covers only one scenario. For example, this uses SAML token as a
> supporting token. There is another scenarios where SAML token can be
> used as a protection token where it will be used to sign and encrypt
> messages.
>
> > We first receive the SAML token response then we indicate, in the
> options
> > the responseToken id
> > I don't know where we are sending to the server the SAML assertion in
> the
> > soapMessage
>
> When the id is set, Rampart message builders add the assertion to the
> security
> header according to the security policy. If you monitor the messages
> exchanged
> through TCPMon, then you can actually see the SAML assertion in the
> security
> header of the SOAP request to the service.
>
> > Another thing is to know what are the requestSecurityToken parameters.
>
> In the client, we set these parameters using RST template.
>
>    private static OMElement getRSTTemplate() throws Exception {
>        OMFactory fac = OMAbstractFactory.getOMFactory();
>        OMElement elem =
> fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
>        TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> elem).setText(RahasConstants.TOK_TYPE_SAML_10);
>        TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
> RahasConstants.KEY_TYPE_PUBLIC_KEY);
>        TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem,
> 256);
>        return elem;
>    }
>
> These parameters are defined in the WS Trust specification [1].
>
> /nandana
>
> [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Reply via email to