On Thu, Jun 26, 2008 at 8:35 AM, Tim Williams <[EMAIL PROTECTED]> wrote: > So far the samples seem to explicitly (through API) retrieve a token > from the STS. I'm wondering whether this can be done declaratively > only by way of the policy. It seems that if I have a policy file > exposed within a service's WSDL that states what STS that is > acceptable, then the client shouldn't need to get a token through the > API? > > In other words, in code I would expect something like: > > - setup a ServiceClient for the service provider endpoint > - engage Rampart > - load the service's policy document > - call service > > and I would expect that based on Rampart's understanding of the policy > it would know to retrieve a token from the STS prior to actually > making the call to the service provider. > > If my expectation is wrong, then once I get a token from the STS > programmatically, how do i attach it to the actual service call?
It seems my expectation was reasonable, I just tried Rampart 1.4 sample 06 and essentially does what i wanted. On a side note, sample05 only seems to work *after* I successfully run sample06. If I type ant clean in the sample/policy directory then try sample05 it's broken with something about a missing WSSE:Security header. Sorry for the noise... --tim --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
