Yes, this is my scenario. Are there any guides that can point me in the right
direction in order to work out this environment?!

But in order to validate my assertion only if the sender is trusted, do I
have to exchange Trust between STS A and STS B?!

Thanks

2009/9/29 Nandana Mihindukulasooriya <nandana....@gmail.com>

> Sorry, I was busy with some lectures yesterday. You are talking about
> the following scenario, right? This is possible with Rampart, but the
> third step is not done by Rampart by default. Normally Rampart tries
> to validate the token by itself, but this can be done with little
> effort.
>
> thanks,
> Nandana
>
> 1.) WS - A  ---- credentials ------------------------------->  STS - A
>             <---- SAML2 (signed by STS - A) ----------------
>
> 2.) WS - A  ---- SAML2 (signed by STS - A) ----------------->  WS - B
>
> 3.) WS - B  ---- SAML2 (signed by STS - A) / validate ------>  STS B
>
> 4.) WS - A  <---- response ---------------------------------  WS - B
>
> On Tue, Sep 29, 2009 at 10:30 AM, Francesco Stampacchia
> <stampacchiafrance...@gmail.com> wrote:
> > Hello Nandana,
> > Have you got some news about the question I asked you yesterday?
> >
> > Thanks.
> >
> > 2009/9/28 Francesco Stampacchia <stampacchiafrance...@gmail.com>
> >>
> >> I've got a WSC on domain A that has to access a WS on domain B.
> >> WSC would present its credentials to its local STS and so obtains a SAML2
> >> Assertion.
> >> Then the newly generated assertion is sent to the WS.
> >> The WS will present the received assertion to its STS in order to validate
> >> it. Validation will be successful only if both STS are federated.
> >>
> >> Thanks
> >>
> >> 2009/9/28 Nandana Mihindukulasooriya <nandana....@gmail.com>
> >>>
> >>> Yes, it is possible to use Rampart for trust operation and by default
> >>> Rampart comes with a token issuer, renewer, validator and canceller
> >>> for SAML tokens. What exactly is your scenario?
> >>>
> >>> thanks,
> >>> Nandana
> >>>
> >>>
> >>> ---------- Forwarded message ----------
> >>> From: Francesco Stampacchia <stampacchiafrance...@gmail.com>
> >>> Date: Mon, Sep 28, 2009 at 1:00 PM
> >>> Subject: WS-Trust with Rampart
> >>> To: axis-user@ws.apache.org
> >>>
> >>>
> >>> Is it possible to exploit WS-Trust operations with the new Rampart
> >>> release?!
> >>> If so, could you point me to some references or best practices?!
> >>>
> >>> Thanks
> >>>
> >>> --
> >>> Francesco Stampacchia
> >>
> >>
> >>
> >> --
> >> Francesco Stampacchia
> >
> >
> >
> > --
> > Francesco Stampacchia
> >
>



-- 
Francesco Stampacchia
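
Step 3 of the flow quoted above, as an added example that is not part of the thread and is not Rampart code: the WS-Trust 1.3 Validate request WS-B sends, and a status check on the reply that fails closed. The STS-B function is a stand-in that only checks the assertion's issuer against a set of federated issuers; the function names, issuer URL and sample assertion are constructed.

```python
import xml.etree.ElementTree as ET

WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"   # WS-Trust 1.3
SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion"
VALID, INVALID = WST + "/status/valid", WST + "/status/invalid"
ET.register_namespace("wst", WST)
ET.register_namespace("saml2", SAML2)

def build_validate_rst(assertion_xml):
    """Step 3, WS-B side: wrap the received assertion in a Validate request."""
    rst = ET.Element(f"{{{WST}}}RequestSecurityToken")
    ET.SubElement(rst, f"{{{WST}}}TokenType").text = WST + "/RSTR/Status"
    ET.SubElement(rst, f"{{{WST}}}RequestType").text = WST + "/Validate"
    target = ET.SubElement(rst, f"{{{WST}}}ValidateTarget")
    target.append(ET.fromstring(assertion_xml))
    return ET.tostring(rst, encoding="unicode")

def sts_b_validate(rst_xml, federated_issuers):
    """Step 3, STS-B side (stand-in): valid only if the issuer is federated."""
    # A real STS first verifies the XML signature against STS-A's certificate;
    # that step is omitted here, so this models the trust decision only.
    rst = ET.fromstring(rst_xml)
    issuer = rst.findtext(
        f"{{{WST}}}ValidateTarget/{{{SAML2}}}Assertion/{{{SAML2}}}Issuer")
    ok = issuer is not None and issuer.strip() in federated_issuers
    rstr = ET.Element(f"{{{WST}}}RequestSecurityTokenResponse")
    ET.SubElement(rstr, f"{{{WST}}}TokenType").text = WST + "/RSTR/Status"
    status = ET.SubElement(rstr, f"{{{WST}}}Status")
    ET.SubElement(status, f"{{{WST}}}Code").text = VALID if ok else INVALID
    ET.SubElement(status, f"{{{WST}}}Reason").text = (
        "issuer is federated" if ok else "issuer is not a federated STS")
    return ET.tostring(rstr, encoding="unicode")

def is_valid(rstr_xml):
    """WS-B side: accept only an explicit 'valid' status; anything else fails."""
    code = ET.fromstring(rstr_xml).findtext(f".//{{{WST}}}Code")
    return code is not None and code.strip() == VALID

# Constructed sample assertion: the issuer URL is a placeholder and the
# ds:Signature that STS-A would add is left out.
SAMPLE_ASSERTION = (
    f'<saml2:Assertion xmlns:saml2="{SAML2}" ID="_constructed" Version="2.0" '
    'IssueInstant="2009-09-29T10:00:00Z">'
    '<saml2:Issuer>https://sts-a.example/</saml2:Issuer></saml2:Assertion>')

if __name__ == "__main__":
    rst = build_validate_rst(SAMPLE_ASSERTION)
    print(is_valid(sts_b_validate(rst, {"https://sts-a.example/"})))  # True
    print(is_valid(sts_b_validate(rst, set())))                       # False
```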
