Hi

I'm just looking into some SAML integration options too at the moment, at the HTTP level; there's a number of options but in a nutshell, the basic approach is to invoke on a WS-Trust STS service, typically STS would either create a new or validate the existing SAML assertion for you; both SOAP-aware and HTML bindings are available. Example, a CXF interceptor can replace a username/password pair for a SAML assertion by invoking on the STS service.

Have a look at the JBoss PicketLink STS, some good documentation is available, here is the one showing how to use SAML assertions to secure EJBs, but it describes some STS basics pretty well:

http://community.jboss.org/wiki/SAMLEJBIntegrationwithPicketLinkSTS

and also

http://community.jboss.org/wiki/PicketLinkSecurityTokenService

hope it helps, Sergey

On Mon, Jul 5, 2010 at 11:38 AM, Ralph Winzinger <[email protected]> wrote:

> Hi,
>
> I'm currently working on security and now I'm stuck with SAML. My setup is,
> that I do have a SSO-server which issues SAML assertions. I have to put that
> SAML assertion into the SOAP header, but I don't have an idea how to
> accomplish this (or where I can find elaborate documentation). I read various
> related threads of cxf-users, but in the end, it didn't help.
>
> Did anybody have the same or a similar situation? Hints would be welcome
> ...
>
> Thanks in advance,
> Ralph
>
> Ralph Winzinger
> Principal Architect
> ______________________________
> Senacor Technologies AG
> Wieseneckstr. 26
> 90571 Schwaig b. Nürnberg
>
> Telefon: +49 (0)911 4244-202
> Telefax: +49 (0)911 4244-100
>
> [email protected]
> www.senacor.com
>
> Senacor Technologies Aktiengesellschaft - Sitz: Schwaig b. Nürnberg -
> Amtsgericht Nürnberg - Reg.-Nr.: HRB 23098
> Vorstand: Matthias Tomann, Marcus Purzer - Aufsichtsratsvorsitzender:
> Mathias J. Lindermeir
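The header placement asked about in this thread, as an added example that is not part of either message and is not CXF or PicketLink code: an outbound CXF interceptor that wraps an already-issued assertion in a `wsse:Security` SOAP header. The class name and the `assertionSource` supplier (which returns the XML issued by the SSO server or an STS) are hypothetical, and SAML 2.0 is assumed.

```java
import java.io.StringReader;
import java.util.function.Supplier;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class SamlAssertionOutInterceptor extends AbstractSoapInterceptor {
    private static final String WSSE_NS =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private static final String SAML2_NS = "urn:oasis:names:tc:SAML:2.0:assertion"; // assumption: SAML 2.0
    private final Supplier<String> assertionSource; // hypothetical: XML issued by the SSO server

    public SamlAssertionOutInterceptor(Supplier<String> assertionSource) {
        super(Phase.PRE_PROTOCOL); // runs before the SOAP headers are written
        this.assertionSource = assertionSource;
    }

    @Override
    public void handleMessage(SoapMessage message) throws Fault {
        try {
            DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
            dbf.setNamespaceAware(true);
            // Refuse DTDs so the token cannot carry entity-expansion or XXE payloads.
            dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            DocumentBuilder db = dbf.newDocumentBuilder();
            Element assertion = db.parse(new InputSource(new StringReader(assertionSource.get())))
                                  .getDocumentElement();
            if (!SAML2_NS.equals(assertion.getNamespaceURI())
                    || !"Assertion".equals(assertion.getLocalName())) {
                throw new IllegalStateException("token is not a SAML 2.0 Assertion");
            }
            // Import the parsed nodes unchanged; rebuilding the XML can break the issuer's signature.
            Document doc = db.newDocument();
            Element security = doc.createElementNS(WSSE_NS, "wsse:Security");
            security.appendChild(doc.importNode(assertion, true));
            message.getHeaders().add(new SoapHeader(new QName(WSSE_NS, "Security"), security));
        } catch (Exception e) {
            throw new Fault(e); // abort the call rather than send it without the token
        }
    }
}
```

The interceptor only transports the token; the receiving service still has to verify the assertion's signature, issuer, audience and validity window before trusting it.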
