Hi,
I'm new to Rampart and I am switching from having a custom module/handler to using Rampart. The only thing is - from the service itself, I need to access a SAML token passed in (using WS-Security SAML Token Profile), because I need to filter data based on the attributes of the user in the assertion. That is, the service pulls information from a data source, and based on releasability constraints of the information it pulls, it then needs to filter data based on the attributes of the user from the SAML assertion. It would be great if I could actually get a SAML assertion object directly from the service (without having to parse the header again - this should have been done already if rampart is providing the WS-Policy validation). Is this object fetchable from the service? >From a service, I have been looking at the MessageContext properties and, I saw that there is a "org.apache.rahas.TokenStorage" object. Even though tokens are passed, however, I have never seen this object with any tokens. And even so, it would contain an org.apache.rahas.Token, which I don't believe is what I need. Any help would be appreciated! Thanks! Kevin T. Smith Technical Director, Mantech MBI [EMAIL PROTECTED] (804) 550-3670; cell 571-426-8639
