You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Seshi Patibanda <se...@gmail.com> on 2009/01/27 18:10:24 UTC

Question on including SAML token in the Security header!

Hello all,

As per the thread seen on markmail.org (
http://markmail.org/thread/iq4j6x7g247wi75x), there was an update from
Ruchith Fernando dated Nov 4, 2007 about the ways to include the obtained
SAML token in the Security header.

First option was given as:

" By creating a wsse:*Security**header* element and adding the
*token*element into the
*header*. Rampart processing down the line will re-use this *header*. "

Could anyone please expand on how to implement this option using Apache
Rampart 1.4?

At my end, I have problems inserting an obtained SAML token in the Security
header of my SOAP request. I have sent an email to
axis-user@ws.apache.orgmailing list requesting feedback but haven't
received any yet. All I need to
do is just pass the retrieved SAML token to the remote web
service(SSL-enabled) via SOAP header in the request.

My configuration:
Deployed Apache Rampart 1.4 module correctly as per the samples. Using Axis2
1.4 client and stubs generated by WSDL2Java tool. Based on my configuration,
would policy based approach work? If so, does anyone have any sample
Transport-level security policies to implement the SAML passing?

Any feedback/suggestion is highly appreciated.

Thanks,

Seshi Patibanda
seship67@gmail.com