You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Nandana Mihindukulasooriya <na...@gmail.com> on 2008/08/14 06:44:04 UTC

Re: Rampart, Supporting tokens, SAML

Hi,
   This sample is a proof-of-concept to show metadata exchange works with
security. So if you look at the service's security policy, specifically the

<Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
    <Address xmlns="http://www.w3.org/2005/08/addressing">
http://localhost:8090/axis2/services/STS</Address>
        <Metadata xmlns="http://www.w3.org/2005/08/addressing">
             <mex:Metadata
                 xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                     <mex:MetadataSection Dialect="
http://schemas.xmlsoap.org/ws/2004/09/mex">
                         <mex:MetadataReference>
                             <Address
                             xmlns="http://www.w3.org/2005/08/addressing">
http://localhost:8080/axis2/services/mex</Address>
                        </mex:MetadataReference>
                    </mex:MetadataSection>
             </mex:Metadata>
     </Metadata>
</Issuer>

It has both issuers address and a mex endpoint to get the policy of the
issuer. So if you go through the services.xml , you can see there is a mex
service too. What Rampart does is first call the mex service and find the
policy of the issuer and then send a message to issuer according to that
security policy to get a the token. Then it is similar to sample 05.

thanks,
nandana

On Wed, Jul 16, 2008 at 2:44 PM, Petter Olsson <pe...@student.liu.se>wrote:

> Hi
>
> How can I make my client fetch the Issuer address of a supporting token
> (SAML) from the service policy? Do I have to parse the policy myself (in
> the
> client) or is there a better solution?
>
> It seems that sample06 may solve this problem, but I don't understand how
> it's done.
>
> ...
>  <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>        <Address xmlns="http://www.w3.org/2005/08/addressing">
> http://localhost:8080/axis2/services/STS</Address>
>  </Issuer>
> ...
>
> /Petter
>



-- 
Nandana Mihindukulasooriya
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org