You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@axis.apache.org by Milton Fidel vega <MV...@dian.gov.co> on 2005/07/21 22:13:46 UTC

authorization tokens approach

Dear all,

What is the best-practice approach for send authorization tokens for a
system?, not only username and password, also other identity parameters,
like the company, office etc, in a standar and interoperable way with
other plataforms.
The usernameToken of ws-security only support username and password, and
no other parameters. 
Maybe SAML, but I have only two parts, not the identity provider.

Any ideas?


Any help much appreciated