Pablo Cibraro wrote:
1. Metro is expecting the user id as an argument in all the business service operations. I think this should be modified to receive the user id only as a claim in the SAML token. I could not find Java code that is looking for the user id claim. On the other hand, .NET is assuming that the user id is the SAML token negotiated with the Active STS, and therefore is always sending null in the business service operations. If I change the .NET implementation to send the user id as an argument in the operation, everything works fine. This is redundant as the user id is already available in the SAML token, and the trader client should not have access to the SAML token content negotiated with the active STS (only the Business service should have it, as it is the RP in this scenario).
Yes, the Metro side should be updated. Here is a sample of how to obtain the SAML assertion and the attributes in the business service:
http://fisheye5.cenqua.com/browse/wsit/wsit/samples/ws-trust/propagate/src/fs/simple/server/FSImpl.java?r=1.1
Then the attributes can be obtained similarly as in
http://fisheye5.cenqua.com/browse/wsit/wsit/samples/ws-trust/propagate/src/common/SampleSamlValidator.java?r=1.1
Thanks!
Jiandong
Regards, Pablo.
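
The point discussed in this thread, that the business service (the RP) should take the user id from the SAML token's claims rather than trust an operation argument, as an added example; it is not code from the thread, from Metro or from the .NET implementation. It assumes the WS-Security layer has already validated the assertion's signature and conditions, a SAML 2.0 assertion, and a hypothetical claim name `userid`; the sample assertion is constructed.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
USER_ID_ATTRIBUTE = "userid"  # assumed claim name, not taken from the thread

# Constructed sample assertion; signature and conditions omitted because the
# example assumes the security layer validated them before this code runs.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>urn:example:active-sts</saml:Issuer>
  <saml:AttributeStatement>
    <saml:Attribute Name="userid">
      <saml:AttributeValue>uid:0</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="role">
      <saml:AttributeValue>trader</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

class IdentityError(Exception):
    """The caller's identity could not be established from the token."""

def claims_from_assertion(assertion_xml):
    """Return {attribute name: [values]} from an already-validated assertion."""
    root = ET.fromstring(assertion_xml)
    claims = {}
    path = ".//saml:AttributeStatement/saml:Attribute"
    for attr in root.iterfind(path, SAML_NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        claims.setdefault(attr.get("Name"), []).extend(values)
    return claims

def effective_user_id(assertion_xml, user_id_argument=None):
    """Identity always comes from the token; the argument is never trusted."""
    values = claims_from_assertion(assertion_xml).get(USER_ID_ATTRIBUTE, [])
    if len(values) != 1 or not values[0]:
        raise IdentityError("expected exactly one non-empty user id claim")
    token_user = values[0]
    # A client that sends null (None here) is fine; a client that sends a
    # user id must agree with the claim, otherwise the call is rejected.
    if user_id_argument is not None and user_id_argument != token_user:
        raise IdentityError("user id argument does not match the token claim")
    return token_user
```

With this shape a client that sends null and a client that still sends the user id both interoperate, while an argument that disagrees with the token is refused instead of being acted on.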
