Hi all Axis2 users: I have been managing some web services using UsernameTokens (without using rampart) to convey identities. I've a client that connects to a Token issuer service that provides it an EndpointReference and the Username token needed to authenticate. Now I must remodelate the security of the whole model and instead of that, SAML tokens with encryption of the user name and signature will be used. The last axis2 version I've been using was the 1.1 and now I'm thinking about updating to the newest one and start using rampart.
I have read that, unfortunatelly, Rampart itself can't be configured to add the SAML token to the Security header and that it delegates those functions to a STS called Rahas. The documentation I found about Rahas is very weak and despite my experience I don't have a clue about where or how to start. Could anyone indicate me where to find a good tutorial or use examples? Or, even better, could anyone show me some code to generate the tokens? If it's possible, I would prefer to config rahas with code instead of creating text config files. Thanks in advance. Christina.
