Hi Thanks for the replay, but still a little lost ;). My main question I guess is where should I extract these attributes? I feel that this should be taken care of before the service invocation, correct? Tried getting the message context in my callback handler, but it was null. Should I create a new module for this? Is it possible to write my own Attributecallback and say to rampart use this?
2009/4/6 Martin Gainty <mgai...@hotmail.com> > > //Construct RahasData from MessageContext > http://ws.apache.org/rampart/apidocs/org/apache/rahas/RahasData.html > > > //get a default handle > SAMLCallbackHandler handler = config.getCallbackHander(); Where is config coming from? > > //then construct SAML AttributeCallback to retrieve the RahasData contents > > http://ws.apache.org/rampart/apidocs/org/apache/rahas/impl/util/SAMLAttributeCallback.html > > SAMLAttributeCallback cb = new SAMLAttributeCallback(data); > SAMLCallbackHandler handler = config.getCallbackHander(); > handler.handle(cb); > attrs = cb.getAttributes(); > > en annen svare ? fra norden? cheers, håkon > > Martin > ______________________________________________ > Verzicht und Vertraulichkeitanmerkung / Note de déni et de confidentialité > Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene > Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte > Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht > dient lediglich dem Austausch von Informationen und entfaltet keine > rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von > E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. > Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le > destinataire prévu, nous te demandons avec bonté que pour satisfaire > informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie > de ceci est interdite. Ce message sert à l'information seulement et n'aura > pas n'importe quel effet légalement obligatoire. Étant donné que les email > peuvent facilement être sujets à la manipulation, nous ne pouvons accepter > aucune responsabilité pour le contenu fourni. > > > > > > > Date: Mon, 6 Apr 2009 17:06:59 +0200 > Subject: Extracting attribute values from SAML token in rampart sample 05 > From: hakon.sageh...@bccs.uib.no > To: axis-user@ws.apache.org; rampart-...@ws.apache.org > > Hi all, > > I was wondering if it's possible to extract the values inside a SAML token. > I looked at sample 05 and wanted to list out the values of the attribute > statement, I tried this in the password call back handler > > > Element el = pwcb.getCustomToken(); > > But just got null. What I'm trying to achieve is not just validate that > the attributes signed by the sts but also see what attributes the client can > give the possessing. > > > How can this be done?? > > cheers, håkon > -- > Håkon Sagehaug, Scientific Programmer > Parallab, Bergen Center for Computational Science (BCCS) > UNIFOB AS (University of Bergen Research Company) > > _________________________________________________________________ > Rediscover Hotmail®: Now available on your iPhone or BlackBerry > > http://windowslive.com/RediscoverHotmail?ocid=TXT_TAGLM_WL_HM_Rediscover_Mobile1_042009 > -- Håkon Sagehaug, Scientific Programmer Parallab, Bergen Center for Computational Science (BCCS) UNIFOB AS (University of Bergen Research Company)
