RE: SAML Assertion not attached to soap header

[Rangasamy, Prakash]

Brian,
                I have a requirement to include SAML expiration date and Skew 
time in SAML token request. You have any idea how to achieve this.

From: Brian Reinhold [mailto:brianreinh...@lampreynetworks.com]
Sent: 03 April 2015 PM 04:37
To: java-dev@axis.apache.org
Subject: RE: SAML Assertion not attached to soap header

Prakash,

Unfortunately I know of no tutorials. And I know their examples are not correct 
in the secure domain. I had to make a number of fixes on the client side to get 
it to work.

Brian

From: Rangasamy, Prakash [mailto:prakash.rangas...@scientificgames.com]
Sent: Friday, April 3, 2015 6:43 AM
To: java-dev@axis.apache.org
Subject: RE: SAML Assertion not attached to soap header

Brian,
                I was using rampart1.5, replaced it with rampart1.6.1 now and 
tested. It is working, now I can see the SAML Assertion added to soap header. I 
guess issue with the lower version jars. Thanks for your help.

Can you suggest any tutorial for axis rampart..


From: Brian Reinhold [mailto:brianreinh...@lampreynetworks.com]
Sent: 03 April 2015 PM 03:10
To: java-dev@axis.apache.org<mailto:java-dev@axis.apache.org>
Subject: RE: SAML Assertion not attached to soap header

Prakash,

After looking at that old code I see that you do exactly the same thing as I 
did. Of course that raises the question of whether or not your STS request was 
successfully generating the token. One has to take the effort to extract the 
token from the STS response and store it using the Rampart TokenStorage class. 
Have you checked to see if you get a token?

Here is a code snippet I had for the STS where I printed out the token to a 
file (there may be other junk in this code that is superfluous … I don’t recall 
since I have not used it for years!):

        Options opts = new Options();
        /* These are for Username token */
        opts.setUserName("some name");
        opts.setPassword("some password");
        opts.setProperty(WSHandlerConstants.PW_CALLBACK_REF, new 
PasswordCallback());
        
opts.setProperty(AddressingConstants.ADD_MUST_UNDERSTAND_TO_ADDRESSING_HEADERS, 
true);
        opts.setProperty(AddressingConstants.INCLUDE_OPTIONAL_HEADERS, true);
        client.setOptions(opts);
        Policy policy = 
PolicyEngine.getPolicy(getClass().getResourceAsStream("policy.xml"));
        Policy stsPolicy = 
PolicyEngine.getPolicy(getClass().getResourceAsStream("sts-policy.xml"));
        theToken = client.requestSecurityToken(policy, service.toString(), 
stsPolicy, null);
        TokenStorage store = TrustUtil.getTokenStore(ctxt);
        store.add(theToken);
        OMElement token = theToken.getToken();
        try
        {
            String samlToken = token.toString();
            File file = new File("SAMLToken");
            FileOutputStream fos = new FileOutputStream(file);
            fos.write(samlToken.getBytes());
            fos.flush();
            fos.close();
        }

There was a method in this class that returned the token:

    public Token getToken()
    {
        return theToken;
    }

which is what I used in the
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, 
responseToken.getId());

line.

Brian
From: Rangasamy, Prakash [mailto:prakash.rangas...@scientificgames.com]
Sent: Friday, April 3, 2015 1:04 AM
To: java-dev@axis.apache.org<mailto:java-dev@axis.apache.org>
Subject: RE: SAML Assertion not attached to soap header

Hi Brian,
                we have STS server which generates Token, that is perfectly 
fine. My doubt is, how to include the token to soap header. I tried to include 
the token to soap request through setproperty(refer code snippet below)
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, 
responseToken.getId());

but when we examine the soap request in log, not able to locate the attached 
SAMl  token.


1.    I don't know where we are sending to the server the SAML assertion in the 
soapMessage, is this because the information is encryptied?

2.    Could you please share me some tutorial about rampart policy(how to sign, 
encrypt, include SAML)

your reply is highly appreciated..

Thanks,
Prakash
From: Brian Reinhold [mailto:brianreinh...@lampreynetworks.com]
Sent: 03 April 2015 AM 03:22
To: java-dev@axis.apache.org<mailto:java-dev@axis.apache.org>
Subject: RE: SAML Assertion not attached to soap header

Prakash,

I am not sure what you are trying to do. Usually the client requests a token 
from a SAML server (perhaps with WS-Trust) and the token is generated on the 
server which you then use as an opaque block in a message to the server. Are 
you creating the token on the client?

Brian

From: Rangasamy, Prakash [mailto:prakash.rangas...@scientificgames.com]
Sent: Thu, April 02, 2015 12:38 PM
To: java-dev@axis.apache.org<mailto:java-dev@axis.apache.org>
Subject: SAML Assertion not attached to soap header

Hi,
 I'm new in SAML with Axis2 Rampart. we are developing a web service client to 
communicate to secure web service which has SAML enabled.
we included the SAML Assertion to soap request thru KEY_CUSTOM_ISSUED_TOKEN. 
but when we examine the request sent to endpoint, SAML Assertion is not present 
in header.

Is this issue in rampart or im missing something in the config.

thanks,
Prakash



Prakash Rangasamy | Software Analyst | Bally 
Technologies<http://www.ballytech.com>  | (O) +1 702 532 2662 | (M) +91 77 6039 
7260

May be privileged. May be confidential. Please delete if not the addressee.
Prakash Rangasamy
________________________________
No virus found in this message.
Checked by AVG - www.avg.com<http://www.avg.com>
Version: 2015.0.5863 / Virus Database: 4321/9440 - Release Date: 04/02/15
No virus found in this message.
Checked by AVG - www.avg.com<http://www.avg.com>
Version: 2015.0.5863 / Virus Database: 4321/9440 - Release Date: 04/02/15