The SAML specification [1] defines the standard protocol that you should use to send a request to a SAML authority. In particular, you want to see the "Assertions and Protocols" portion of the spec [2], which defines the structure of the request and response messages, and the "Bindings" spec [3], which defines the SOAP binding. You must use document/literal.
As an alternative to the SAML protocol, you could use WS-Trust [4], but WS-Trust is not as specifically defined. [1] http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security#samlv20 [2] http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf [3] http://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf [4] http://www.oasis-open.org/committees/download.php/21365/ws-trust-1.3-spec-cs-01.pdf Anne On 2/10/07, Claudio Maraniello <[EMAIL PROTECTED]> wrote:
Hello, I'm new to axis and I am using the 1.3 version. My goal is to implement a web service where the client sends a SAML request (maybe packaged in a soap body) and receives a SAML assertion. No subject confirmation or security concerns are required. Where can I get started with this? Can I do that by using a rpc style web service? Any help, tutorial, sample or sommething else will be very helpful, thank you in advance, Claudio Maraniello
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
