Hi George, Sure.. you are somewhat out dated :-)
The rampart STS has support for WS-Trust 1.3 as well as some parts of the WS-Trust 1.4 and we ship this with WSO2 Identity Server product - and the STS been used in real production scenarios.. Hi Flippo, Yes, as you mentioned your requirement is not supported yet.. But we can help you building it.. Please provide further insights in to the requirement... Thanks & regards, -Prabath On Wed, Feb 8, 2012 at 8:29 AM, George Stanchev <gstanc...@serena.com>wrote: > Hi Filippo,**** > > ** ** > > I don’t believe the Axis2 STS is mature enough to support what you are > asking about. Neither rampart contains a general-purpose WS-Trust client. > AFAIK the main purpose of the Axis2 STS is to server SCTs for > WS-SecureConversation. Granted, I’ve stopped following its development for > a while so others might correct me if I am wrong.**** > > ** ** > > I am not sure anything you ask for is available as open source. You can > try checking out the Apache CFX STS implementation which was donated by > Talend which could be more mature. CXF also might have a more mature > client. Other than that, you can also check Sun’s OpenSSO or any other more > comprehensive SSO implementation. [1] contains some starting point links.* > *** > > ** ** > > George**** > > ** ** > > ** ** > > [1] http://kantarainitiative.org/wordpress/programs/iop-saml/**** > > ** ** > > *From:* FILIPPO AGAZZI [mailto:filippo.aga...@studenti.unipr.it] > *Sent:* Tuesday, February 07, 2012 7:28 AM > *To:* java-user@axis.apache.org > *Subject:* [Axis2] [Rampart] ws-trust negotiation and challenge extension > support**** > > ** ** > > Hi all, > i'm Filippo Agazzi, an Informatic Engineer student at University of Parma, > Italy. i'm working on a thesis about "Automated trust negotiation using > ws-* standard", and i need, as a basis, to have a client and a service > (probably a STS), challenging each other and exchanging multiple > RequestSecurityTokenReponse message, before a final message is sent by the > service to the client. I see that ws-Trust includes a negotation and > challenge framework; so my question is: is there any support or > implementation in axis2 and rampart (rahas) for this ws-trust extension? > I've already studied and successfully run the samples in rampart > distribution, for example "sample05", where client asks for a saml token to > a STS; but that is a single round trip, instead i need more rounds and i > need to insert xml custom element (for example wsp:Policy element) in > RequestSecurityToken and RequestSecurityTokenReponse messages. Here the > link to the standard section i refer to : > http://docs.oasis-open.org/ws-sx/ws-trust/v1.4/os/ws-trust-1.4-spec-os.html#_Toc212615468. > > > Eventhough there isn't any support/implementation in Axis2 for ws-trust > negotation and challeng extension, someone have any ideas on how this can > be done? Anyone, plese, can indicate me a way on how implement this? I've > searched a lot and widely on the web, but i can't find nothing really > useful, so i'm hard blocked on this point. > > Thank you very much in advance. > > Best regards. > > Filippo Agazzi**** > > ** ** > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
