Hello Nandana:
I've some questions about the ConfigurationContext
We have to create ConfigurationContext when we use WS-Security (Rampart) or
WS-Addressing because in these cases we need to use modules (rampart and
addressing).
So when I want to add information in the SOAPHeader using SWA (Soap with
Attachment) I've problems.
Could I manage soap header when I use the addressing module?
Thanks, Nuria
2008/2/19, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > A client accessing a WebService, and a SAML Authority (STS):
> >
> > 1) Have the client and the web Service to access to the same SAML
> Authority?
> > (I have read anywhere that the SAML Authority only can be of STS type).
>
> Client needs access to the STS as it requires to get tokens from the STS.
> And
> Client <---> STS and
> STS <---> Web
> must trust each other. Sometimes service don't need to access the STS
> to validate the SAML token. In the examples of Rampart, service itself
> validates the SAML token and it doesn't access the STS. But there is a
> pre configured trust between the STS and the service.
>
> > 2) Covers RAHAS all the scenarios of SAML interaction between these
> actors
> > or there are any limitations currently?
>
> RAMPART/RAHAS can use SAML token as a supporting token and as a
> protection token. So those two scenarios are pretty covered.
> WS Trust specification defines four bindings. Namely Issue , Validate,
> Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
> and Cancel bindings. But we may be able to get the other two bindings
> working before the next release of Apache Rampart.
>
> thanks,
> /nandana
>
>
>
>
> > 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> >
> > > Hi Jens,
> > > Not at the moment. But we will include a one before next release.
> > >
> > > thanks,
> > > nandana
> > >
> > > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> > > <[EMAIL PROTECTED]> wrote:
> > > >
> > > > Hello Nunny,
> > > >
> > > > is there any sample available where the SAML token can be used as a
> > > > protection token for signing and encrypting messages?
> > > >
> > > > Thanks,
> > > > Jens
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Nunny wrote:
> > > > >
> > > > > Hi Nuria,
> > > > >
> > > > >> I've some doubts about SAML with axis2. I need to know if the
> > sample05
> > > > >> covers all the the SAML cases.
> > > > >
> > > > > No, it covers only one scenario. For example, this uses SAML
> token as
> > a
> > > > > supporting token. There is another scenarios where SAML token can
> be
> > > > > used as a protection token where it will be used to sign and
> encrypt
> > > > > messages.
> > > > >
> > > > >
> > > > >
> > > > >> We first receive the SAML token response then we indicate, in
> the
> > options
> > > > >> the responseToken id
> > > > >> I don't know where we are sending to the server the SAML
> assertion
> > in the
> > > > >> soapMessage
> > > > >
> > > > > When the id is set, Rampart message builders add the assertion to
> the
> > > > > security
> > > > > header according to the security policy. If you monitor the
> messages
> > > > > exchanged
> > > > > through TCPMon, then you can actually see the SAML assertion in
> the
> > > > > security
> > > > > header of the SOAP request to the service.
> > > > >
> > > > >> Another thing is to know what are the requestSecurityToken
> > parameters.
> > > > >
> > > > > In the client, we set these parameters using RST template.
> > > > >
> > > > > private static OMElement getRSTTemplate() throws Exception {
> > > > > OMFactory fac = OMAbstractFactory.getOMFactory();
> > > > > OMElement elem =
> > > > > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE
> );
> > > > > TrustUtil.createTokenTypeElement(
> RahasConstants.VERSION_05_02,
> > > > > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> > > > > TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02
> ,
> > elem,
> > > > > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> > > > > TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02
> ,
> > elem, 256);
> > > > > return elem;
> > > > > }
> > > > >
> > > > > These parameters are defined in the WS Trust specification [1].
> > > > >
> > > > > /nandana
> > > > >
> > > > > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> > > > >
> > > > > http://nandana83.blogspot.com/
> > > > > http://nandanasm.wordpress.com/
> > > > >
> > > >
> > > > >
> ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > >
> > > > >
> > > > >
> > > >
> > > > --
> > > > View this message in context:
> > http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
> > > > Sent from the Axis - User mailing list archive at Nabble.com.
> > > >
> > > >
> > > >
> > > >
> > >
> > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
