You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by jsolderitsch <js...@gestalt-llc.com> on 2008/06/04 16:45:30 UTC

Security Token Server (STS) SAML 2.0 and cxf

I am stepping into a project where we are using cxf and now have the
requirement to integrate use of SAML 2.0.

The SAML assertions are being provided by Ping Federate Web Services
(version 2.9) (supplied by PingIdentity) -- they supply a Security Token
Server (STS) that is part of the destination environment's security
infrastructure.

The STS provides us with a SAML assertion and in the cxf usage chain, I need
to then create a SOAP request that incorporates the SAML assertion. We have
WSDL, supplied by a third party, for the web service that we want to invoke.

Are there any information sources out there that could help me get up to
speed quickly?

What version of cxf is appropriate? I am currently using 2.0.6 but I see
that 2.1 is out. The project I am stepping into started out with
2.0.2-incubator.

I am also brand-new to cxf but have used other wsdl-to-java mechanisms in
past projects.

Any information/pointers would be much appreciated.

Jim
-- 
View this message in context: http://www.nabble.com/Security-Token-Server-%28STS%29-SAML-2.0-and-cxf-tp17648520p17648520.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Security Token Server (STS) SAML 2.0 and cxf

Posted by Glen Mazza <gl...@verizon.net>.

Here's all the links I could dig up on SAML:
http://www.jroller.com/gmazza/date/20080511

I have not implemented SAML yet, however, so cannot help much in that
regard.

Glen


2008-06-04 jsolderitsch wrote:
> I am stepping into a project where we are using cxf and now have the
> requirement to integrate use of SAML 2.0.
> 
> The SAML assertions are being provided by Ping Federate Web Services
> (version 2.9) (supplied by PingIdentity) -- they supply a Security Token
> Server (STS) that is part of the destination environment's security
> infrastructure.
> 
> The STS provides us with a SAML assertion and in the cxf usage chain, I need
> to then create a SOAP request that incorporates the SAML assertion. We have
> WSDL, supplied by a third party, for the web service that we want to invoke.
> 
> Are there any information sources out there that could help me get up to
> speed quickly?
> 
> What version of cxf is appropriate? I am currently using 2.0.6 but I see
> that 2.1 is out. The project I am stepping into started out with
> 2.0.2-incubator.
> 
> I am also brand-new to cxf but have used other wsdl-to-java mechanisms in
> past projects.
> 
> Any information/pointers would be much appreciated.
> 
> Jim