You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Milton Fidel Vega Vega <mf...@udistrital.edu.co> on 2005/07/21 23:56:36 UTC

authorization approach

Dear all,

What is the best-practice approach for send authorization tokens for a
system?, not only username and password, also other identity parameters, like
the company, office etc, in a standar and interoperable way with other plataforms.
The usernameToken of ws-security only support username and password, and no
other parameters. 
Maybe SAML, but I have only two parts, not the identity provider.

Any ideas?


Any help much appreciated


--
Universidad Distrital Francisco José de Caldas
http://www.udistrital.edu.co
Conmutador: (57-1) 3239300
Bogotá, D.C., Colombia

Re: authorization approach

Posted by Anne Thomas Manes <at...@gmail.com>.

The only interoperable way that I know of to send attribute
information is by using SAML.

Anne

On 7/21/05, Milton Fidel Vega Vega <mf...@udistrital.edu.co> wrote:
> Dear all,
> 
> What is the best-practice approach for send authorization tokens for a
> system?, not only username and password, also other identity parameters, like
> the company, office etc, in a standar and interoperable way with other plataforms.
> The usernameToken of ws-security only support username and password, and no
> other parameters.
> Maybe SAML, but I have only two parts, not the identity provider.
> 
> Any ideas?
> 
> 
> Any help much appreciated
> 
> 
> --
> Universidad Distrital Francisco José de Caldas
> http://www.udistrital.edu.co
> Conmutador: (57-1) 3239300
> Bogotá, D.C., Colombia
> 
>