George, Thanks very much for the clarification George. So it sounds like SAML "support" in Rampart 1.2 is limited to WS-SecureConversation?
Thanks, Ted On 6/15/07, George Stanchev <[EMAIL PROTECTED]> wrote:
Hi Ted, Rahas, as far as I understand, provides WS-SecureConversation, which is a subset of WS-Trust, implemtation, not a full STS capabilities. I think to obtain the SC token, it requires SAML exchange. I must admit though that I haven't used it, just delft in the code back then when it was version 1.1. Using the old configuration method, there was an action, "SAMLTokenSigned" which allowed you to create a signed SAML for a given identity (user) via rampart and include it in WSSE header. I don't know how to do it via the WSP and WSSP configuration and if they have removed it from 1.2 release. Best Regards, George -----Original Message----- From: Ted Jones [mailto:[EMAIL PROTECTED] Sent: Friday, June 15, 2007 5:29 AM To: [email protected] Subject: Re: SAML and Rampart 1.2 Thanks for the reply Angel. So just to be clear, Rahas is available as an STS to generate SAML tokens, but there is no way to add the token to the envelope? Is there any sort of work around (maybe a custom handler or something)? Also, is there a target release for including SAML token support with Rampart? Thanks again, Ted On 6/15/07, Angel Todorov <[EMAIL PROTECTED]> wrote: > > Hi Ted, > > Currently rampart doesn't support SAML tokens. > > Regards, > Angel > > On 6/15/07, Ted Jones <[EMAIL PROTECTED]> wrote: > > > > Just a few questions about adding SAML tokens in an Axis2 client: > > > > What is the property name for the token to be added to the options > > property array? > > Does the token need to be a SAMLAssertion instance? > > How is the token retrieved in the web service? > > > > TIA, > > Ted > > > ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
