Does anyone have any experiences (positive or negative) using rampart v1.1.1 with a commercial STS implementation such as Ping Trust v2.0?? Can rampart/rahas be configured to use an external STS?
Thanks, Jackson -----Original Message----- From: Ruchith Fernando [mailto:[EMAIL PROTECTED] Sent: Monday, January 29, 2007 8:39 PM To: [email protected] Subject: Re: rahas v1.1 capabilities.. You can post rampart/rahas related questions to [email protected] list :-) Thanks, Ruchith On 1/30/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > Hi, > > > On 1/30/07, Wynn, Jackson E. <[EMAIL PROTECTED]> wrote: > > > > > > Apologies to all if this is posted to the wrong group... > > > > I am developing a prototype using Axis 2 and would like to learn more about > > what WS-Trust capabilities rahas v1.1 supports. After reviewing the rampart > > 1.1 code base, it appears that the STS implemented with rahas v1.1 supports > > issuance and cancellation of SAML v1.1 and SCT tokens only. STS token > > renewal and challenge/response are not supported. > > > > Is this a correct assessment? Is <SignChallenge> or Key Exchange Tokens > > supported? > > Yes the statement is correct! We do not support challange/response > protocol and we don't have any renewers by default with rahas *yet*. > > > > > When I enable rahas for a web service, the ?wsdl for that services does not > > include STS request functions - is there a wsdl specification for the STS > > service that a web client application would use to request security tokens? > > This is another issue that we will have to improve. Please raise a > JIRA issue [1] on this. > > However this2] is the wsdl for the STS defined by the WS-Trust spec. > Thanks, > Ruchith > > [1] https://issues.apache.org/jira/browse/RAMPART > [2] http://schemas.xmlsoap.org/ws/2005/02/trust/WS-Trust.wsdl > > > > > Thanks, > > > > Jackson Wynn > > > > Lead INFOSEC Engineer > > The MITRE Corporation > > Bedford, MA > > > > (781) 271-3419 > > > -- > www.ruchith.org > www.wso2.org > -- www.ruchith.org www.wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
