Hi all, i'm Filippo Agazzi, an Informatic Engineer student at University of Parma, Italy. i'm working on a thesis about "Automated trust negotiation using ws-* standard", and i need, as a basis, to have a client and a service (probably a STS), challenging each other and exchanging multiple RequestSecurityTokenReponse message, before a final message is sent by the service to the client. I see that ws-Trust includes a negotation and challenge framework; so my question is: is there any support or implementation in axis2 and rampart (rahas) for this ws-trust extension? I've already studied and successfully run the samples in rampart distribution, for example "sample05", where client asks for a saml token to a STS; but that is a single round trip, instead i need more rounds and i need to insert xml custom element (for example wsp:Policy element) in RequestSecurityToken and RequestSecurityTokenReponse messages. Here the link to the standard section i refer to : http://docs.oasis-open.org/ws-sx/ws-trust/v1.4/os/ws-trust-1.4-spec-os.html#_Toc212615468.
Eventhough there isn't any support/implementation in Axis2 for ws-trust negotation and challeng extension, someone have any ideas on how this can be done? Anyone, plese, can indicate me a way on how implement this? I've searched a lot and widely on the web, but i can't find nothing really useful, so i'm hard blocked on this point. Thank you very much in advance. Best regards. Filippo Agazzi
