2 Replies Latest reply on Jun 10, 2015 9:12 AM by ipec

    Why doesn't SAML20TokenProvider persist tokens to the token registry like SAML20AssertionTokenProvider?

    slarson

      SAML20TokenProvider does not call a token registry to persist or fetch tokens whereas SAML20AssertionTokenProvider does.  Is there a specific reason for this?

       

      Background:

      We configured the PicketLink secure token server and used SAML20TokenProvider since it allowed us to create WS-Trust tokens.  As we move to a clustered production environment, we wanted to persist tokens to ensure that any given PicketLink STS instance would be able to recognize and validate tokens issued by any other PicketLink STS instance.

       

      If you look at line 134 of SAML20AssertionTokenProvider, you see the following:


              try {
                  this.tokenRegistry.addToken(assertionID, assertionType);
              }
      

       

      However, if you look at SAML20TokenProvider, it does not call tokenRegistry.addToken().

       

      Is there a specific reason that SAML20AssertionTokenProvider adds the token to the token registry and SAML20TokenProvider does not?

       

      Thanks!
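
The clustering concern in the post above, as an added example that is not part of the original post and is not PicketLink code: a small model of STS nodes that validate a token by looking up its assertion ID in a registry. The TokenRegistry interface, MapRegistry and StsNode are hypothetical names, the in-memory map stands in for a database or replicated cache, and signature checking is left out.

```java
import java.time.Instant;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;

public class ClusteredRegistryDemo {
    // Hypothetical registry contract, modelled on the addToken() call quoted in the post.
    interface TokenRegistry {
        void addToken(String id, Instant notOnOrAfter);
        Instant getToken(String id);
        void removeToken(String id);
    }

    // Stand-in store; sharing one instance between nodes models a DB or replicated cache.
    static class MapRegistry implements TokenRegistry {
        private final Map<String, Instant> store = new ConcurrentHashMap<>();
        public void addToken(String id, Instant exp) { store.put(id, exp); }
        public Instant getToken(String id) { return store.get(id); }
        public void removeToken(String id) { store.remove(id); }
    }

    // Hypothetical STS node: records what it issues, validates against its registry.
    static class StsNode {
        private final TokenRegistry registry;
        StsNode(TokenRegistry registry) { this.registry = registry; }

        String issue(long lifetimeSeconds) {
            String id = "ID_" + UUID.randomUUID();
            registry.addToken(id, Instant.now().plusSeconds(lifetimeSeconds));
            return id;
        }
        boolean validate(String id) {
            Instant exp = registry.getToken(id);
            return exp != null && Instant.now().isBefore(exp); // unknown or expired: reject
        }
        void cancel(String id) { registry.removeToken(id); }
    }

    public static void main(String[] args) {
        // Per-node registries: node b has never seen the ID that node a issued.
        StsNode a = new StsNode(new MapRegistry()), b = new StsNode(new MapRegistry());
        System.out.println("local registries:  " + b.validate(a.issue(300)));
        // One shared registry: issuance and cancellation are visible on every node.
        TokenRegistry shared = new MapRegistry();
        StsNode c = new StsNode(shared), d = new StsNode(shared);
        String id = c.issue(300);
        System.out.println("shared registry:   " + d.validate(id));
        d.cancel(id);
        System.out.println("after cancel on d: " + c.validate(id));
    }
}
```

With per-node registries the second node rejects a token it did not issue; with the shared registry both validation and cancellation carry across nodes.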