Hi Thilina, Is there a reference for creating a custom STS policy?
Looking in the source I found scenario1-policy.xml which defines the UsernameToken security policy. I was hoping to use it as a reference, but it doesn't have a RampartConfig element, nor does it define a password callback. Thanks, Mike On Wed, 19 Oct 2011, Thilina Buddhika wrote: > Sorry, I forgot to add the reference. > > http://axis.apache.org/axis2/java/rampart/rampartconfig-guide.html > > Thanks, > Thilina > > On Wed, Oct 19, 2011 at 3:25 AM, Michael Smith <msm...@cbnco.com> wrote: > > > Thilina Buddhika wrote: > > > > > > > > > On Tue, Oct 18, 2011 at 3:47 PM, Samisa Abeysinghe <sam...@wso2.com > > > <mailto:sam...@wso2.com>> wrote: > > > > > > I assume that this is possible with a call back plugged in. Any > > > identity server folks like to comment? > > > > > > > > > Yes. This is doable with a custom callback handler implementation. > > > > > > From Identity Server 3.2.0 release upwards, it is possible to use a > > > custom policy which is stored in the registry to secure the STS. When > > > defining this custom policy, you can include your custom callback > > > handler class in the rampart config. section. More information about the > > > rampart config options is available here. > > > > Hi Thilina, > > > > Thanks for the reply. Was the word "here" at the end of that sentence > > meant to be a link? It didn't make it through the mailing list. I > > couldn't find any documentation about defining a custom policy, although > > after reading through the code it looks like I could start by copying > > the policy from "security scenario 1". > > > > Mike > > > > > > > > > > > > > > On Fri, Oct 14, 2011 at 9:30 PM, Michael Smith <msm...@cbnco.com > > > <mailto:msm...@cbnco.com>> wrote: > > > > > > Hi, > > > > > > Is there a way to define a custom token validation mechanism > > > when using > > > WSO2 IS as an STS to issue SAMLv2 tokens? > > > > > > I'd like to configure WSO2 to pass UsernameTokens to a custom > > > class for > > > authentication, and if fails, to fall back to the standard > > > UsernameToken > > > processor. > > > > > > Thanks, > > > Mike > > > _______________________________________________ > > > Carbon-dev mailing list > > > Carbon-dev@wso2.org <mailto:Carbon-dev@wso2.org> > > > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > > > Thanks, > > > Samisa... > > > > > > Samisa Abeysinghe > > > VP Engineering > > > WSO2 Inc. > > > http://wso2.com <http://wso2.com/> > > > http://wso2.org <http://wso2.org/> > > > > > > > > > > > > _______________________________________________ > > > Carbon-dev mailing list > > > Carbon-dev@wso2.org <mailto:Carbon-dev@wso2.org> > > > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > > > > > > > > > > > > -- > > > Thilina Buddhika > > > Associate Technical Lead > > > WSO2 Inc. ; http://wso2.com > > > lean . enterprise . middleware > > > > > > phone : +94 77 44 88 727 > > > blog : http://blog.thilinamb.com > > > > > > > > > ------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > Carbon-dev mailing list > > > Carbon-dev@wso2.org > > > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > _______________________________________________ > > Carbon-dev mailing list > > Carbon-dev@wso2.org > > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > > > > > -- > Thilina Buddhika > Associate Technical Lead > WSO2 Inc. ; http://wso2.com > lean . enterprise . middleware > > phone : +94 77 44 88 727 > blog : http://blog.thilinamb.com > _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev