Hi, I have not tried out Rampart WS-Trust components with other products such as PingTrust yet.
How ever in cases where token acquisition is defined in the security policy where it defines an issuer as an external STS Rampart will be able to acquire a token from that STS. Thanks, Ruchith On 1/30/07, Wynn, Jackson E. <[EMAIL PROTECTED]> wrote:
Does anyone have any experiences (positive or negative) using rampart v1.1.1 with a commercial STS implementation such as Ping Trust v2.0?? Can rampart/rahas be configured to use an external STS? Thanks, Jackson -----Original Message----- From: Ruchith Fernando [mailto:[EMAIL PROTECTED] Sent: Monday, January 29, 2007 8:39 PM To: [email protected] Subject: Re: rahas v1.1 capabilities.. You can post rampart/rahas related questions to [email protected] list :-) Thanks, Ruchith On 1/30/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > Hi, > > > On 1/30/07, Wynn, Jackson E. <[EMAIL PROTECTED]> wrote: > > > > > > Apologies to all if this is posted to the wrong group... > > > > I am developing a prototype using Axis 2 and would like to learn more about > > what WS-Trust capabilities rahas v1.1 supports. After reviewing the rampart > > 1.1 code base, it appears that the STS implemented with rahas v1.1 supports > > issuance and cancellation of SAML v1.1 and SCT tokens only. STS token > > renewal and challenge/response are not supported. > > > > Is this a correct assessment? Is <SignChallenge> or Key Exchange Tokens > > supported? > > Yes the statement is correct! We do not support challange/response > protocol and we don't have any renewers by default with rahas *yet*. > > > > > When I enable rahas for a web service, the ?wsdl for that services does not > > include STS request functions - is there a wsdl specification for the STS > > service that a web client application would use to request security tokens? > > This is another issue that we will have to improve. Please raise a > JIRA issue [1] on this. > > However this2] is the wsdl for the STS defined by the WS-Trust spec. > Thanks, > Ruchith > > [1] https://issues.apache.org/jira/browse/RAMPART > [2] http://schemas.xmlsoap.org/ws/2005/02/trust/WS-Trust.wsdl > > > > > Thanks, > > > > Jackson Wynn > > > > Lead INFOSEC Engineer > > The MITRE Corporation > > Bedford, MA > > > > (781) 271-3419 > > > -- > www.ruchith.org > www.wso2.org > -- www.ruchith.org www.wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- www.ruchith.org www.wso2.org
