Hi, This sample is a proof-of-concept to show metadata exchange works with security. So if you look at the service's security policy, specifically the
<Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <Address xmlns="http://www.w3.org/2005/08/addressing";> http://localhost:8090/axis2/services/STS</Address> <Metadata xmlns="http://www.w3.org/2005/08/addressing";> <mex:Metadata xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> <mex:MetadataSection Dialect=" http://schemas.xmlsoap.org/ws/2004/09/mex";> <mex:MetadataReference> <Address xmlns="http://www.w3.org/2005/08/addressing";> http://localhost:8080/axis2/services/mex</Address> </mex:MetadataReference> </mex:MetadataSection> </mex:Metadata> </Metadata> </Issuer> It has both issuers address and a mex endpoint to get the policy of the issuer. So if you go through the services.xml , you can see there is a mex service too. What Rampart does is first call the mex service and find the policy of the issuer and then send a message to issuer according to that security policy to get a the token. Then it is similar to sample 05. thanks, nandana On Wed, Jul 16, 2008 at 2:44 PM, Petter Olsson <[EMAIL PROTECTED]>wrote: > Hi > > How can I make my client fetch the Issuer address of a supporting token > (SAML) from the service policy? Do I have to parse the policy myself (in > the > client) or is there a better solution? > > It seems that sample06 may solve this problem, but I don't understand how > it's done. > > ... > <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <Address xmlns="http://www.w3.org/2005/08/addressing";> > http://localhost:8080/axis2/services/STS</Address> > </Issuer> > ... > > /Petter > -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org
