On Fri, Mar 6, 2009 at 4:59 AM, Vivian Wang <vivianwan...@yahoo.com> wrote:
> > Hi There, > > I am starting to use rampart/c for ws-security purpose together with > axis2/c in a web service client application. I have the following > get-me-started questions: > > (1) As a web service client, all the security configurations can be done in > a policy file, there is no need to programmatically set the security > parameters in my source code, all I need to do is to set the policy file > location when I create the web service client. Is this right? > > I am asking this because when I browsed the rampart/c sample source > code, I noticed that in some samples like saml_echo, you created a > saml assertion and set it into client config, like this: > > assertion = create_saml_assertion(env); > saml = rampart_saml_token_create(env, assertion, > RAMPART_ST_CONFIR_TYPE_SENDER_VOUCHES); > rampart_saml_token_set_token_type(saml, env, > RP_PROPERTY_SIGNED_SUPPORTING_TOKEN); > rampart_config_add_saml_token(client_config, env, saml); > > Can this be done in the policy configuration file so I don't have to do > this in my source code? > This cannot be done in the policy configuration. SAML assertion is created prorammatically. So I don't see a way this can be set using the policy configuration. Supun.
