You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Milton Fidel Vega Vega <mf...@udistrital.edu.co> on 2005/07/21 23:56:36 UTC
authorization approach
Dear all,
What is the best-practice approach for send authorization tokens for a
system?, not only username and password, also other identity parameters, like
the company, office etc, in a standar and interoperable way with other plataforms.
The usernameToken of ws-security only support username and password, and no
other parameters.
Maybe SAML, but I have only two parts, not the identity provider.
Any ideas?
Any help much appreciated
--
Universidad Distrital Francisco José de Caldas
http://www.udistrital.edu.co
Conmutador: (57-1) 3239300
Bogotá, D.C., Colombia
Re: authorization approach
Posted by Anne Thomas Manes <at...@gmail.com>.
The only interoperable way that I know of to send attribute
information is by using SAML.
Anne
On 7/21/05, Milton Fidel Vega Vega <mf...@udistrital.edu.co> wrote:
> Dear all,
>
> What is the best-practice approach for send authorization tokens for a
> system?, not only username and password, also other identity parameters, like
> the company, office etc, in a standar and interoperable way with other plataforms.
> The usernameToken of ws-security only support username and password, and no
> other parameters.
> Maybe SAML, but I have only two parts, not the identity provider.
>
> Any ideas?
>
>
> Any help much appreciated
>
>
> --
> Universidad Distrital Francisco José de Caldas
> http://www.udistrital.edu.co
> Conmutador: (57-1) 3239300
> Bogotá, D.C., Colombia
>
>