Hi Nandana and Dimuthu, thanks for your comments, We have a more complex problem because we can manage/store only DOM elements in our Database (instead of Token elements) and would like to generate a Token from an assertion.
We mean that we would like to do the following: 1) obtain a SAML assertion from the Token object (which has been obtained from the STS). 2) Save or change this SAML assertion as XML with a tool (without saving the Token object) (we have done the steps 1 and 2) 3) After this, in a different context, create a new Token from a SAML assertion that has been previously saved and use it in a new context sending it to the Service Provider. Could it be possible to do this? Thanks, Nuria 2008/3/12, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>: > > Hi Nuria, > You can implement a persistent token storage for this > scenario. So that you can persist the tokens you obtain and later use > them. Currently Rampart uses SimpleTokenStore which doesn't persist > tokens. To understand how Rampart store a SimpleTokenStore in the > configuration context, take a look at the getTokenStore() method in > the TrustUtil class [1]. You can also persist the token element in the > response in a file or database and create a token from it later when > needed. How create a token from the token element can be found in > processIssueResponse() method in the STSClient class [2]. > WSO2 WSAS has implemented a persistent token store which can > be found at SecurityTokenStore [2]. You can also take a look at it. > > thanks, > /nandana > > [1] - > https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TrustUtil.java > [2] - > https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java > [3] - > https://wso2.org/repos/wso2/trunk/wsas/java/modules/core/src/org/wso2/wsas/trust/SecurityTokenStore.java > > http://nandana83.blogspot.com/ > http://nandanasm.wordpress.com/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
