Apologies to all if this is posted to the wrong group...
I am developing a prototype using Axis 2 and would like to learn more
about what WS-Trust capabilities rahas v1.1 supports. After reviewing
the rampart 1.1 code base, it appears that the STS implemented with
rahas v1.1 supports issuance and cancellation of SAML v1.1 and SCT
tokens only. STS token renewal and challenge/response are not
supported.
Is this a correct assessment? Is <SignChallenge> or Key Exchange
Tokens supported?
When I enable rahas for a web service, the ?wsdl for that services does
not include STS request functions - is there a wsdl specification for
the STS service that a web client application would use to request
security tokens?
Thanks,
Jackson Wynn
Lead INFOSEC Engineer
The MITRE Corporation
Bedford, MA
(781) 271-3419
