Hi Nandana, > When I went through the code, that there is a problem in > validating > the supporting tokens according to the given policy in Rampart. BTW, this > not > specific to SAML Tokens, all supporting tokens suffer from this problem.
Are you referring to the code in org.apache.rahas.TokenRequestDispatcher? After sending the initial email I saw that when the type of request is either "validate" or "renew", the dispatcher throws an UnsupportedOperationException. Should I refer to this on the JiRA? Thanks and regards, Joana On Dec 21, 2007 5:38 AM, Nandana Mihindukulasooriya <[EMAIL PROTECTED]> wrote: > Hi, > > In our case here, we would like our trusted services to only respond to > > requests that contain a valid SAML Token issued by the STS. On the > > samples, > > it doesn't seem to make any difference on the service response whether i > > add > > the token to the request or not. > > > If I understand correctly, you have a Issued token as a supporting token > in > the > service policy. When I went through the code, that there is a problem in > validating > the supporting tokens according to the given policy in Rampart. BTW, this > not > specific to SAML Tokens, all supporting tokens suffer from this problem. > This should be > fixed in Rampart. Please go on and create a JiRA in Rampart. > > Thanks, > Nandana > -- Student Intern SAP Research - Security & Trust SAP Labs France 805 Avenue du Dr. Maurice Donat 06250 Mougins T +33/492286319 F +33/492286201 Personal Homepage: http://www.inf.ufrgs.br/~jmftrindade
