Hi Yogesh, Why aren't you just using an IssuedToken policy to get the SAML Token from the STS? That'll insert the received token automatically in the security header of the service request.
> Is there a way to take my existing SAML token unaltered from the STS reply > message and then use that in the SAML callback handler in the client when > calling the web service? You could get the received token in your CallbackHandler via the SecurityConstants.TOKEN tag on the message exchange. Then set the DOM Element directly on the SAMLCallback object. Colm. On Thu, Dec 20, 2012 at 8:04 PM, ychawla <[email protected]>wrote: > Hello All, > I have been following along with this blog to include a SAML token in a > wsse > security header from my web service client to the web service: > > > http://coheigea.blogspot.com/2011/06/ws-securitypolicysaml-sample-in-talend.html > > I have implemented a SAML callback handler on the client (and a custom > validator on the service): > > <entry key="ws-security.saml-callback-handler" > value-ref="mySamlCallbackHandler"/> > > and it reads a SAML token that I received from an STS and intends to pass > this SAML token along to the Web Service. > > The SAML callback handler is resigning the SAML token so when the Web > Service receives the token, it is signed by the web service client. My > requirements state that the SAML token should be signed by the STS and not > the web service client. > > Is there a way to take my existing SAML token unaltered from the STS reply > message and then use that in the SAML callback handler in the client when > calling the web service? > > I did find this post in the discussion list: > > > http://cxf.547215.n5.nabble.com/Insert-existing-SAML-assertion-td696489.html > > But it seems like the SAML Callback Handler mechanism might provide a more > straight forward way to do this. > > Thanks, > Yogesh > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/WS-Security-Policy-with-Existing-SAML-Token-tp5720608.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
