Hi Ivan, I tried Apache CXF Fediz already. It does not exactly fit my requirements. Thanks anyway!
I got the requirement as: 1) user will be authenticated by an external identity provider and get SAML2 token. This will be done during the client logins using a Web interface. 2) the SAML2 token from 1) (or a part of it) is used by the Web interface to get another SAML2 token from a web service. 3) the SAML2 token from 2) will be used by the Web interface when it calls other web services for other services. I follow the example at http://www.jroller.com/gmazza/entry/cxf_sts_tutorial, and tried to do some customization to implement step 2 and 3. patch -- View this message in context: http://cxf.547215.n5.nabble.com/Get-Security-Token-tp5728824p5728827.html Sent from the cxf-user mailing list archive at Nabble.com.
