-
1. Re: Question about assertion from STS
beve May 6, 2010 2:53 AM (in response to morrowjl)Hi James,
1. How do we go about placing that assertion into the soap message to continue on to the desired endpoint?
This easiest way might be to have a SOAPHandler on the client side that adds the Assertion element to the security header.
I've used Smooks previously to insert a security element into a SOAP Message but that was mainly because this was used in JBossESB for a quickstart (security_saml) and that made sense at the time for that example.
I spoke with Anil about creating some examples and this might be a good one to add?
1. I was thinking that we create an example that calls PicketLinkSTS via JAAS to issue a token.
2. Then have a call to a web service where the client side is configured with a SOAPHandler that injects the SAML Assertion into the outbound SOAP Security Header.
3. The web service would be configured with a SOAPHandler (for example org.picketlink.identity.federation.core.wstrust.handlers.STSSaml20Handler).
The security_saml JBossESB quickstart does this (except step 2 which is uses Smooks for) but via JBossESB. The last step part of the quickstart is to call an external web service which is configured with the server side SOAPHandler (step 3). The configuration of the web service might be of interest to you.
What do you think?
Regards,
/Daniel
-
2. Re: Question about assertion from STS
morrowjl May 6, 2010 7:12 AM (in response to beve)That sounds exactly like what we are wanting. I just located a page that has the soaphandler...
http://www.jroller.com/gmazza/
I am looking over it now and maybe I will be able to use this