Hi Ruchith, I have answers for some of your questions.
1. The token issuing service from which I am obtaining the SAML token is a standard security token service(STS). But I am yet to receive the STS policy from the other group. 2. Yes, I simply want to include the obtained token in the Security header? I do NOT want to encrypt and/or sign the message with a key associated with the SAML token. Here is the scenario given by our other/security group. In this scenarios "SAML Token Issuing Service" and "SAML Token Resolver Service" both are provided to us by the security group. We are providing the "web service". Our web service should do the steps 4, 5 and provide the web service function. 1. Web Service Customer requests SAML authentication token to (SAML Token Issuing Service) with User-Id/Password over SSL (w/ WS-Security) - I guess this is usernametoken with digest password. 2. SAML Token Issuing Service issues token or return error message. 3. Web Service Consumer calls web Service passing all necessary parameters and SAML token in the request using WS-Security. 4. Application framework of the "web service" requests token validation to the "SAML Token Resolver Service" using WS-Security SAML configuration. 5. "SAML Token Resolver Service" returns message verifying token or error message if token is not valid. Thanks, Muralidaran Chakravarthy Ruchith Fernando wrote: > > Hi, > > I have a few questions about your scenario : > > 1.) Are you obtaining the SAML token from a standard security token > service(STS)? > 1.1) If so do you have security policy of that STS? > > 2.) Do you simply want to include the obtained token in the Security > header? Or do you want to encrypt and/or sign the message with a key > associated with the SAML token? > > Thanks, > Ruchith > > On 10/25/07, cmurali <[EMAIL PROTECTED]> wrote: >> >> Hi, >> >> I am new to SAML and don't know the complete process flow. >> >> I downloaded the wso2wsas-2.1-src.zip and found the sts-sample. But the >> documentation (Security Service Token Sample Guide) is in terms of WSO2 >> WSAS >> administration console. Is there any documentation that explains about >> the >> sts.policy file, service.policy file and axis2.policy file and changes >> that >> should go in for configuring for SAML? >> >> I have already configured synapse to perform usernametoken authentication >> and forward SOAP request to jboss server. This works fine. Right now we >> are >> mandated to use the "Token issuing service' provided by another group >> called >> single-sign-on group. So my job, right now, is to configure my synapse >> to >> process the SAML token. Processing means validating the token and would I >> have to communicate with the token issuing service for validating? If so, >> is >> there any hook like the rampart PWCBHandler class in which I have to >> handle >> that? >> >> Thanks, >> Muralidaran Chakravarthy >> >> >> Ruchith Fernando wrote: >> > >> > Hi, >> > >> > Can you please have a look at "sts-sample" in WSO2 WSAS [1] This does >> > exactly what you need. The client code is available in the sample >> > itself and you can see the code here [2] as well. >> > >> > Thanks, >> > Ruchith >> > >> > 1. http://dist.wso2.org/products/wsas/java/2.1 >> > 2. >> > >> http://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/src/org/wso2/wsas/sample/sts/client/Client.java >> > >> > On 10/22/07, cmurali <[EMAIL PROTECTED]> wrote: >> >> >> >> Hi, >> >> >> >> I am trying to find a complete example to setup synapse/rampart/rahas >> for >> >> mainly processing SAML messages. I am also looking for sample client >> code >> >> for testing both the producer and processor of Security token >> messages. >> >> The >> >> scenario is like this. >> >> >> >> 1. Client contacts the token issuer. >> >> 2. STS service gives back the secure token. >> >> 3. Client inserts this token into the SOAP security header. >> >> 4. Sends this message to the security message processor. >> >> 5. Client gets a response back. >> >> >> >> Thanks, >> >> Muralidaran Chakravarthy >> >> -- >> >> View this message in context: >> >> >> http://www.nabble.com/Confugring-rampart-Rahas-for-producing-and-processing-SAML-messages.-tf4670568.html#a13342361 >> >> Sent from the Synapse - Dev mailing list archive at Nabble.com. >> >> >> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> > >> > >> > -- >> > www.ruchith.org >> > www.wso2.org >> > >> > --------------------------------------------------------------------- >> > To unsubscribe, e-mail: [EMAIL PROTECTED] >> > For additional commands, e-mail: [EMAIL PROTECTED] >> > >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Confugring-rampart-Rahas-for-producing-and-processing-SAML-messages.-tf4670568.html#a13394155 >> Sent from the Synapse - Dev mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > www.ruchith.org > www.wso2.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Confugring-rampart-Rahas-for-producing-and-processing-SAML-messages.-tf4670568.html#a13536302 Sent from the Synapse - Dev mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
