Hi,
i have installed apache-cxf-2.7.2, maven 3.0. i am successful in running
the sample that was given as part of the distribution.
I have couple of questions on STS .
1. When STS generates the saml token, how do i control, whether
authorization assertion or authentication assertions statements should be
generated in the SAML Token
.
2. How can we specify to sign only authorization or authorization
statements only
3. How can we connect to ldap and verify the client user credentials and
what are the attributes he has and updated in the authentication and
authorization assertions
4. How does the WSP will validate the STS, i mean, the saml token generated
is valid during particular period of time
5. I want log each message(RST,RSTR) that is coming to STS, WSP(soap request
/response with token) and WSC(RST,RSTR,SOAP request/response to wsp ). do i
need to write any interceptor or handler for logging , if so what are the
changes i have to make to the sample
i can't user wireshark for this as it is local machine and its very hard
to interpret them too
Thanks
kk
--
View this message in context:
http://cxf.547215.n5.nabble.com/STS-newbie-questions-tp5722949.html
Sent from the cxf-user mailing list archive at Nabble.com.
