The OASIS WSS TC completed a SAML Token interop last year (before it was standardized). Participating companies included: IBM, Netegrity (now CA), MSFT, SAP, Sarvega, Sun, and Westbridge (now Actional).
See http://lists.oasis-open.org/archives/wss/200406/msg00044.html Anne On 5/18/05, Dittmann Werner <[EMAIL PROTECTED]> wrote: > G�rkan, > > WSS4J implements the WSS profiles described in the > OASIS WSS Specification 1.0 and to some sort the SAML > profile. > > Is this encryption mechanism part of the OASIS WSS profiles? > Or is it documented somewhere? > > Anyhow, to me this seems another proprietary extension of > .NET/WSE (or is this someting that is also used in conjunction > with secure conversation?). > > Sometime ago we had a similar problem because .NET/WSE > uses a proprietary mechanism to generate a Signature with a > Signature key that is constructed from data in UsernameToken - > we inserted this algo, pls refer to UsernameTokenSignature > (last weekend I updated some inline doc about this topic, pls > chek the CVS mail here in the list). However, no official interop > was done for this, support is weak because of weak documention, > and so on. > > Interop tests were done for the WSS profiles X.509 and UsernameToken, > I'm not aware of interop tests for the SAML profile (does anybody > knows about SAML profile interops?). > > Interop tests for proprietary extensions shall be done on a > case by case basis. Often there is no official documentation about > the proprietary extensions. > > If possible use security profiles as specified in OASIS WS Specification > 1.0. because this enhances interop to a great extend. > > Regards, > Werner > > > -----Urspr�ngliche Nachricht----- > > Von: G�rkan Vural [mailto:[EMAIL PROTECTED] > > Gesendet: Dienstag, 17. Mai 2005 10:23 > > An: [email protected] > > Betreff: .net and wss4j interoperatibility > > > > > > .net wse can encrypt data with username token using aes128-cbc with a > > key smaller than 128 bits. when i try to decrypt message with wss4j > > using the same password (smaller than 16 bytes) it throws an exception > > that the key size is smaller than 128. i tried to fill empty > > bytes with > > spaces but it didn't work. does anyone know how to extend the password > > to 128 bits like .net wse does. > > > > also are there any known issues that will make my work easy while > > interoperating .net and wss4j? > > > > -- > > gurkan > > > > ==========================================================- > > Bu e-posta sadece yukarida isimleri belirtilen kisiler > > arasinda �zel haberlesme amacini tasimaktadir. Size > > yanlislikla ulasmissa l�tfen g�nderen kisiyi bilgilendiriniz > > ve mesaji sisteminizden siliniz. Turkiye Cumhuriyet Merkez > > Bankasi A.S. bu mesajin icerigi ile ilgili olarak hicbir > > hukuksal sorumlulugu kabul etmez. > > > > This e-mail communication is intended for the private use of > > the people named above. If you received this message in > > error, please immediately notify the sender and delete it > > from your system. The Central Bank of The Republic of Turkey > > does not accept legal responsibility for the contents of this message. > > >
