Hi, Are you referring to the code in org.apache.rahas.TokenRequestDispatcher? >
No, I was actually referring to org.apache.rampart.PolicyBasedResultsValidator. When the request comes to the service , this class checks whether the security requirements and constraints of service's security policy is met in the message. > After sending the initial email I saw that when the type of request is > either "validate" or "renew", the dispatcher throws an > UnsupportedOperationException. Should I refer to this on the JiRA? There is already a JIRA created for this. see [1]. Thanks, Nandana [1] - http://issues.apache.org/jira/browse/RAMPART-87 > > > Thanks and regards, > Joana > > On Dec 21, 2007 5:38 AM, Nandana Mihindukulasooriya <[EMAIL PROTECTED] > > > wrote: > > > Hi, > > > > In our case here, we would like our trusted services to only respond to > > > requests that contain a valid SAML Token issued by the STS. On the > > > samples, > > > it doesn't seem to make any difference on the service response whether > i > > > add > > > the token to the request or not. > > > > > > If I understand correctly, you have a Issued token as a supporting > token > > in > > the > > service policy. When I went through the code, that there is a problem in > > validating > > the supporting tokens according to the given policy in Rampart. BTW, > this > > not > > specific to SAML Tokens, all supporting tokens suffer from this problem. > > This should be > > fixed in Rampart. Please go on and create a JiRA in Rampart. > > > > Thanks, > > Nandana > > > > > > -- > Student Intern > SAP Research - Security & Trust > SAP Labs France > > 805 Avenue du Dr. Maurice Donat > 06250 Mougins > T +33/492286319 > F +33/492286201 > Personal Homepage: > http://www.inf.ufrgs.br/~jmftrindade<http://www.inf.ufrgs.br/%7Ejmftrindade> >
