Hi all,

I am trying to set up a web service that acts as a WS-Trust STS with Rampart.
I've a design question.

Clients send the authentication claim in the wsse:Security element in the
header (claims such as Username/Password, SAML Tokens, Kerberos and
X.509 binary secrets). Based on the identity carried in this wsse:Security,
the STS decides whether or not to issue the security token (that is my own
implementation of SAML2).

Now I'm thinking: the wsse:Security element is detached by a module (that I
will write, I think, to get all my claims processed). But, after detaching the
header, I no longer know the identity of the user! So, I thought of
putting in the header of the SOAP message something like
<identity>userIdentity</identity>
so the STS implementation can have the information on the identity of the
user (and can decide to issue a token).

Do you have other ideas? Does it look good to you? Do you have any pattern?
I'll appreciate your hints!


Thank you!



