subject:"Re\: SAML with Axis2"

Re: SAML with Axis2

2008-03-04 Thread Nuria Rodríguez García

Hi Nandana:

I have a doubt about SAML Token.
Could I receive  from the STS service a SAML token without sign it?
I want STS service return a SAML token in clear over HTTPS. Is this
possible?

Thanks,
Nuria

2008/2/28, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > I've some questions about the ConfigurationContext
> > We have to create ConfigurationContext when we use WS-Security (Rampart)
> or
> > WS-Addressing because in these cases we need to use modules (rampart and
> > addressing).
>
> Yes, IFAIK when you are using Rampart you need to have a client
> repository which has Rampart module and you have to create a
> configuration context using that repository so that the Rampart module
> will be available to be engaged.
>
> > Could I manage soap header when I use the addressing module?
>
> What do you mean by managing the SOAP header ?
>
> thanks,
> /nandana
>
>
> > 2008/2/19, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> >
> >
> > > Hi Nuria,
> > >
> > > > A client accessing a WebService, and a SAML Authority (STS):
> > > >
> > > > 1) Have the client and the web Service to access to the same SAML
> > Authority?
> > > > (I have read anywhere that the SAML Authority only can be of STS
> type).
> > >
> > > Client needs access to the STS as it requires to get tokens from the
> STS.
> > And
> > > Client <---> STS and
> > > STS<---> Web
> > > must trust each other. Sometimes service don't need to access the STS
> > > to validate the SAML token. In the examples of Rampart, service itself
> > > validates the SAML token and it doesn't access the STS. But there is a
> > > pre configured trust between the STS and the service.
> > >
> > > > 2) Covers RAHAS all the scenarios of SAML interaction between these
> > actors
> > > > or there are any limitations currently?
> > >
> > > RAMPART/RAHAS can use SAML token as a supporting token and as a
> > > protection token. So those two scenarios are pretty covered.
> > > WS Trust specification defines four bindings. Namely Issue , Validate,
> > > Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
> > > and Cancel bindings. But we may be able to get the other two bindings
> > > working before the next release of Apache Rampart.
> > >
> > > thanks,
> > > /nandana
> > >
> > >
> > >
> > >
> > > > 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> > > >
> > > > > Hi Jens,
> > > > >   Not at the moment. But we will include a one before next
> release.
> > > > >
> > > > > thanks,
> > > > > nandana
> > > > >
> > > > > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> > > > > <[EMAIL PROTECTED]> wrote:
> > > > > >
> > > > > >  Hello Nunny,
> > > > > >
> > > > > >  is there any sample available where the SAML token can be used
> as a
> > > > > >  protection token for signing and encrypting messages?
> > > > > >
> > > > > >  Thanks,
> > > > > >  Jens
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >  Nunny wrote:
> > > > > >  >
> > > > > >  > Hi Nuria,
> > > > > >  >
> > > > > >  >> I've some doubts about SAML with axis2. I need to know if
> the
> > > > sample05
> > > > > >  >> covers all the the SAML cases.
> > > > > >  >
> > > > > >  > No, it covers only one scenario. For example, this uses SAML
> > token as
> > > > a
> > > > > >  > supporting token. There is another scenarios where SAML token
> can
> > be
> > > > > >  > used as a protection token where it will be used to sign and
> > encrypt
> > > > > >  > messages.
> > > > > >  >
> > > > > >  >
> > > > > >  >
> > > > > >  >> We first receive the SAML token response then we indicate,
> in
> > the
> > > > options
> > > > > >  >> the responseToken id
> > > > > >  >> I don't know where we are sending to the server the SAML
> > assertion
> > > > in the
> > > > > >  >> soapMessage
> > > > > >  >
> > > > > >  > When the id is set, Rampart message builders add the
> assertion to
> > the
> > > > > >  > security
> > > > > >  > header according to the security policy. If you monitor the
> > messages
> > > > > >  > exchanged
> > > > > >  > through TCPMon, then you can actually see the SAML assertion
> in
> > the
> > > > > >  > security
> > > > > >  > header of the SOAP request to the service.
> > > > > >  >
> > > > > >  >> Another thing is to know what are the requestSecurityToken
> > > > parameters.
> > > > > >  >
> > > > > >  > In the client, we set these parameters using RST template.
> > > > > >  >
> > > > > >  > private static OMElement getRSTTemplate() throws
> Exception {
> > > > > >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> > > > > >  >   OMElement elem =
> > > > > >  >
> > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
> > > > > >  >
> > TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> > > > > >  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> > > > > >  >
> > TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02,
> > > > elem,
> > > > > >  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> >

Re: SAML with Axis2

2008-02-28 Thread Nandana Mihindukulasooriya

Hi Nuria,

> I've some questions about the ConfigurationContext
> We have to create ConfigurationContext when we use WS-Security (Rampart) or
> WS-Addressing because in these cases we need to use modules (rampart and
> addressing).

Yes, IFAIK when you are using Rampart you need to have a client
repository which has Rampart module and you have to create a
configuration context using that repository so that the Rampart module
will be available to be engaged.

> Could I manage soap header when I use the addressing module?

What do you mean by managing the SOAP header ?

thanks,
/nandana


> 2008/2/19, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
>
> > Hi Nuria,
> >
> > > A client accessing a WebService, and a SAML Authority (STS):
> > >
> > > 1) Have the client and the web Service to access to the same SAML
> Authority?
> > > (I have read anywhere that the SAML Authority only can be of STS type).
> >
> > Client needs access to the STS as it requires to get tokens from the STS.
> And
> > Client <---> STS and
> > STS<---> Web
> > must trust each other. Sometimes service don't need to access the STS
> > to validate the SAML token. In the examples of Rampart, service itself
> > validates the SAML token and it doesn't access the STS. But there is a
> > pre configured trust between the STS and the service.
> >
> > > 2) Covers RAHAS all the scenarios of SAML interaction between these
> actors
> > > or there are any limitations currently?
> >
> > RAMPART/RAHAS can use SAML token as a supporting token and as a
> > protection token. So those two scenarios are pretty covered.
> > WS Trust specification defines four bindings. Namely Issue , Validate,
> > Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
> > and Cancel bindings. But we may be able to get the other two bindings
> > working before the next release of Apache Rampart.
> >
> > thanks,
> > /nandana
> >
> >
> >
> >
> > > 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> > >
> > > > Hi Jens,
> > > >   Not at the moment. But we will include a one before next release.
> > > >
> > > > thanks,
> > > > nandana
> > > >
> > > > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> > > > <[EMAIL PROTECTED]> wrote:
> > > > >
> > > > >  Hello Nunny,
> > > > >
> > > > >  is there any sample available where the SAML token can be used as a
> > > > >  protection token for signing and encrypting messages?
> > > > >
> > > > >  Thanks,
> > > > >  Jens
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >  Nunny wrote:
> > > > >  >
> > > > >  > Hi Nuria,
> > > > >  >
> > > > >  >> I've some doubts about SAML with axis2. I need to know if the
> > > sample05
> > > > >  >> covers all the the SAML cases.
> > > > >  >
> > > > >  > No, it covers only one scenario. For example, this uses SAML
> token as
> > > a
> > > > >  > supporting token. There is another scenarios where SAML token can
> be
> > > > >  > used as a protection token where it will be used to sign and
> encrypt
> > > > >  > messages.
> > > > >  >
> > > > >  >
> > > > >  >
> > > > >  >> We first receive the SAML token response then we indicate, in
> the
> > > options
> > > > >  >> the responseToken id
> > > > >  >> I don't know where we are sending to the server the SAML
> assertion
> > > in the
> > > > >  >> soapMessage
> > > > >  >
> > > > >  > When the id is set, Rampart message builders add the assertion to
> the
> > > > >  > security
> > > > >  > header according to the security policy. If you monitor the
> messages
> > > > >  > exchanged
> > > > >  > through TCPMon, then you can actually see the SAML assertion in
> the
> > > > >  > security
> > > > >  > header of the SOAP request to the service.
> > > > >  >
> > > > >  >> Another thing is to know what are the requestSecurityToken
> > > parameters.
> > > > >  >
> > > > >  > In the client, we set these parameters using RST template.
> > > > >  >
> > > > >  > private static OMElement getRSTTemplate() throws Exception {
> > > > >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> > > > >  >   OMElement elem =
> > > > >  >
> fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
> > > > >  >
> TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> > > > >  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> > > > >  >
> TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02,
> > > elem,
> > > > >  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> > > > >  >
> TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02,
> > > elem, 256);
> > > > >  >   return elem;
> > > > >  > }
> > > > >  >
> > > > >  > These parameters are defined in the WS Trust specification [1].
> > > > >  >
> > > > >  > /nandana
> > > > >  >
> > > > >  > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> > > > >  >
> > > > >  > http://nandana83.blogspot.com/
> > > > >  > http://nandanasm.wordpress.com/
> > > > >  >
> > > > >
> > > > > >
> -
>

Re: SAML with Axis2

2008-02-28 Thread Nuria Rodríguez García

Hello Nandana:



I've some questions about the ConfigurationContext



We have to create ConfigurationContext when we use WS-Security (Rampart) or
WS-Addressing because in these cases we need to use modules (rampart and
addressing).



So when I want to add information in the SOAPHeader using SWA (Soap with
Attachment) I've problems.

Could I manage soap header when I use the addressing module?





Thanks, Nuria


2008/2/19, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > A client accessing a WebService, and a SAML Authority (STS):
> >
> > 1) Have the client and the web Service to access to the same SAML
> Authority?
> > (I have read anywhere that the SAML Authority only can be of STS type).
>
> Client needs access to the STS as it requires to get tokens from the STS.
> And
> Client <---> STS and
> STS<---> Web
> must trust each other. Sometimes service don't need to access the STS
> to validate the SAML token. In the examples of Rampart, service itself
> validates the SAML token and it doesn't access the STS. But there is a
> pre configured trust between the STS and the service.
>
> > 2) Covers RAHAS all the scenarios of SAML interaction between these
> actors
> > or there are any limitations currently?
>
> RAMPART/RAHAS can use SAML token as a supporting token and as a
> protection token. So those two scenarios are pretty covered.
> WS Trust specification defines four bindings. Namely Issue , Validate,
> Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
> and Cancel bindings. But we may be able to get the other two bindings
> working before the next release of Apache Rampart.
>
> thanks,
> /nandana
>
>
>
>
> > 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> >
> > > Hi Jens,
> > >   Not at the moment. But we will include a one before next release.
> > >
> > > thanks,
> > > nandana
> > >
> > > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> > > <[EMAIL PROTECTED]> wrote:
> > > >
> > > >  Hello Nunny,
> > > >
> > > >  is there any sample available where the SAML token can be used as a
> > > >  protection token for signing and encrypting messages?
> > > >
> > > >  Thanks,
> > > >  Jens
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >  Nunny wrote:
> > > >  >
> > > >  > Hi Nuria,
> > > >  >
> > > >  >> I've some doubts about SAML with axis2. I need to know if the
> > sample05
> > > >  >> covers all the the SAML cases.
> > > >  >
> > > >  > No, it covers only one scenario. For example, this uses SAML
> token as
> > a
> > > >  > supporting token. There is another scenarios where SAML token can
> be
> > > >  > used as a protection token where it will be used to sign and
> encrypt
> > > >  > messages.
> > > >  >
> > > >  >
> > > >  >
> > > >  >> We first receive the SAML token response then we indicate, in
> the
> > options
> > > >  >> the responseToken id
> > > >  >> I don't know where we are sending to the server the SAML
> assertion
> > in the
> > > >  >> soapMessage
> > > >  >
> > > >  > When the id is set, Rampart message builders add the assertion to
> the
> > > >  > security
> > > >  > header according to the security policy. If you monitor the
> messages
> > > >  > exchanged
> > > >  > through TCPMon, then you can actually see the SAML assertion in
> the
> > > >  > security
> > > >  > header of the SOAP request to the service.
> > > >  >
> > > >  >> Another thing is to know what are the requestSecurityToken
> > parameters.
> > > >  >
> > > >  > In the client, we set these parameters using RST template.
> > > >  >
> > > >  > private static OMElement getRSTTemplate() throws Exception {
> > > >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> > > >  >   OMElement elem =
> > > >  > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE
> );
> > > >  >   TrustUtil.createTokenTypeElement(
> RahasConstants.VERSION_05_02,
> > > >  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> > > >  >   TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02
> ,
> > elem,
> > > >  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> > > >  >   TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02
> ,
> > elem, 256);
> > > >  >   return elem;
> > > >  > }
> > > >  >
> > > >  > These parameters are defined in the WS Trust specification [1].
> > > >  >
> > > >  > /nandana
> > > >  >
> > > >  > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> > > >  >
> > > >  > http://nandana83.blogspot.com/
> > > >  > http://nandanasm.wordpress.com/
> > > >  >
> > > >
> > > > >
> -
> > > >  > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > >  > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >  >
> > > >  >
> > > >  >
> > > >
> > > >  --
> > > >  View this message in context:
> > http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
> > > >  Sent from the Axis - User mailing list archive at Nabble.com.
> > > >
> > > >
> > > >
> > > >
> > >
> >

Re: SAML with Axis2

2008-02-25 Thread Nandana Mihindukulasooriya

Hi Nuria,

>  In the last email you told me about the two scenarios that RAMPART/RAHAS
> covers.

Yes, what I meant was the usage of an Issued Token ( SAML Token ) as a
supporting token which means it will be included in the SOAP message
as an additional claim and for cryptographic operations some other key
will be used. Other scenario is it is used as a protection token where
issued token ( SAML token ) will be used for cryptographic operations.

> I don't understand what the meaning of each one of these bindings is. Could
> you explain a little more about these scenarios?

There are four bindings described in the WS - Trust specification.

1.) Issue Binding
  Describe the mechanism for issuing and requesting new tokens
2.) Validate Binding
  Describe the mechanism for sending a validation request and
validation response
3.) Renew Binding
  Describe the mechanism for sending a renew request and a response
4.) Cancel Binding
  Describe the mechanism for sending a cancel request and a response

> In a document I read that there are two ways to obtain saml token.
> Is this possible with rampart/rahas? The two ways are the following:
>   Security Token Acquisition
> Issued Security Token

I was talking about the Issued security token scenario in the above
mails. I am not sure what the document meant by "Security Token
Acquisition". If it meant, out of band acquisition of  SAML token and
using them as Custom tokens, that is possible with Rampart.

thanks,
/nandana


>
> 2008/2/19, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
>
> > Hi Nuria,
> >
> > > A client accessing a WebService, and a SAML Authority (STS):
>  > >
> > > 1) Have the client and the web Service to access to the same SAML
> Authority?
> > > (I have read anywhere that the SAML Authority only can be of STS type).
> >
> > Client needs access to the STS as it requires to get tokens from the STS.
> And
>  > Client <---> STS and
> > STS<---> Web
> > must trust each other. Sometimes service don't need to access the STS
> > to validate the SAML token. In the examples of Rampart, service itself
>  > validates the SAML token and it doesn't access the STS. But there is a
> > pre configured trust between the STS and the service.
> >
> > > 2) Covers RAHAS all the scenarios of SAML interaction between these
> actors
>  > > or there are any limitations currently?
> >
> > RAMPART/RAHAS can use SAML token as a supporting token and as a
> > protection token. So those two scenarios are pretty covered.
> > WS Trust specification defines four bindings. Namely Issue , Validate,
>  > Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
> > and Cancel bindings. But we may be able to get the other two bindings
> > working before the next release of Apache Rampart.
> >
>  > thanks,
> > /nandana
> >
> >
> >
> >
> > > 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> > >
> > > > Hi Jens,
>  > > >   Not at the moment. But we will include a one before next release.
> > > >
> > > > thanks,
> > > > nandana
> > > >
> > > > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
>  > > > <[EMAIL PROTECTED]> wrote:
> > > > >
> > > > >  Hello Nunny,
> > > > >
> > > > >  is there any sample available where the SAML token can be used as a
>  > > > >  protection token for signing and encrypting messages?
> > > > >
> > > > >  Thanks,
> > > > >  Jens
> > > > >
> > > > >
> > > > >
>  > > > >
> > > > >
> > > > >  Nunny wrote:
> > > > >  >
> > > > >  > Hi Nuria,
> > > > >  >
> > > > >  >> I've some doubts about SAML with axis2. I need to know if the
>  > > sample05
> > > > >  >> covers all the the SAML cases.
> > > > >  >
> > > > >  > No, it covers only one scenario. For example, this uses SAML
> token as
> > > a
>  > > > >  > supporting token. There is another scenarios where SAML token
> can be
> > > > >  > used as a protection token where it will be used to sign and
> encrypt
> > > > >  > messages.
>  > > > >  >
> > > > >  >
> > > > >  >
> > > > >  >> We first receive the SAML token response then we indicate, in
> the
> > > options
> > > > >  >> the responseToken id
>  > > > >  >> I don't know where we are sending to the server the SAML
> assertion
> > > in the
> > > > >  >> soapMessage
> > > > >  >
> > > > >  > When the id is set, Rampart message builders add the assertion to
> the
>  > > > >  > security
> > > > >  > header according to the security policy. If you monitor the
> messages
> > > > >  > exchanged
> > > > >  > through TCPMon, then you can actually see the SAML assertion in
> the
>  > > > >  > security
> > > > >  > header of the SOAP request to the service.
> > > > >  >
> > > > >  >> Another thing is to know what are the requestSecurityToken
>  > > parameters.
> > > > >  >
> > > > >  > In the client, we set these parameters using RST template.
> > > > >  >
> > > > >  > private static OMElement getRSTTemplate() throws Exception {
>  > > > >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> > > > >

Re: SAML with Axis2

2008-02-22 Thread Nuria Rodríguez García

Hello Nandana:

 Thank you very much for your information.

 In the last email you told me about the two scenarios that RAMPART/RAHAS
covers.

I don't understand what the meaning of each one of these bindings is. Could
you explain a little more about these scenarios?

In a document I read that there are two ways to obtain saml token.

Is this possible with rampart/rahas? The two ways are the following:


  *Security Token Acquisition*




*Issued Security Token*


Thanks, Nuria






2008/2/19, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> Hi Nuria,
>
> > A client accessing a WebService, and a SAML Authority (STS):
> >
> > 1) Have the client and the web Service to access to the same SAML
Authority?
> > (I have read anywhere that the SAML Authority only can be of STS type).
>
> Client needs access to the STS as it requires to get tokens from the STS.
And
> Client <---> STS and
> STS<---> Web
> must trust each other. Sometimes service don't need to access the STS
> to validate the SAML token. In the examples of Rampart, service itself
> validates the SAML token and it doesn't access the STS. But there is a
> pre configured trust between the STS and the service.
>
> > 2) Covers RAHAS all the scenarios of SAML interaction between these
actors
> > or there are any limitations currently?
>
> RAMPART/RAHAS can use SAML token as a supporting token and as a
> protection token. So those two scenarios are pretty covered.
> WS Trust specification defines four bindings. Namely Issue , Validate,
> Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
> and Cancel bindings. But we may be able to get the other two bindings
> working before the next release of Apache Rampart.
>
> thanks,
> /nandana
>
>
>
>
> > 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> >
> > > Hi Jens,
> > >   Not at the moment. But we will include a one before next release.
> > >
> > > thanks,
> > > nandana
> > >
> > > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> > > <[EMAIL PROTECTED]> wrote:
> > > >
> > > >  Hello Nunny,
> > > >
> > > >  is there any sample available where the SAML token can be used as a
> > > >  protection token for signing and encrypting messages?
> > > >
> > > >  Thanks,
> > > >  Jens
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >  Nunny wrote:
> > > >  >
> > > >  > Hi Nuria,
> > > >  >
> > > >  >> I've some doubts about SAML with axis2. I need to know if the
> > sample05
> > > >  >> covers all the the SAML cases.
> > > >  >
> > > >  > No, it covers only one scenario. For example, this uses SAML
token as
> > a
> > > >  > supporting token. There is another scenarios where SAML token can
be
> > > >  > used as a protection token where it will be used to sign and
encrypt
> > > >  > messages.
> > > >  >
> > > >  >
> > > >  >
> > > >  >> We first receive the SAML token response then we indicate, in
the
> > options
> > > >  >> the responseToken id
> > > >  >> I don't know where we are sending to the server the SAML
assertion
> > in the
> > > >  >> soapMessage
> > > >  >
> > > >  > When the id is set, Rampart message builders add the assertion to
the
> > > >  > security
> > > >  > header according to the security policy. If you monitor the
messages
> > > >  > exchanged
> > > >  > through TCPMon, then you can actually see the SAML assertion in
the
> > > >  > security
> > > >  > header of the SOAP request to the service.
> > > >  >
> > > >  >> Another thing is to know what are the requestSecurityToken
> > parameters.
> > > >  >
> > > >  > In the client, we set these parameters using RST template.
> > > >  >
> > > >  > private static OMElement getRSTTemplate() throws Exception {
> > > >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> > > >  >   OMElement elem =
> > > >  > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE
);
> > > >  >   TrustUtil.createTokenTypeElement(
RahasConstants.VERSION_05_02,
> > > >  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> > > >  >   TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02
,
> > elem,
> > > >  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> > > >  >   TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02
,
> > elem, 256);
> > > >  >   return elem;
> > > >  > }
> > > >  >
> > > >  > These parameters are defined in the WS Trust specification [1].
> > > >  >
> > > >  > /nandana
> > > >  >
> > > >  > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> > > >  >
> > > >  > http://nandana83.blogspot.com/
> > > >  > http://nandanasm.wordpress.com/
> > > >  >
> > > >
> > > > >
-
> > > >  > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > >  > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >  >
> > > >  >
> > > >  >
> > > >
> > > >  --
> > > >  View this message in context:
> > http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
> > > >  Sent from the Axis - User mailing list archive at Nabble.com.
> > > >

Re: SAML with Axis2

2008-02-18 Thread Nandana Mihindukulasooriya

Hi Nuria,

> A client accessing a WebService, and a SAML Authority (STS):
>
> 1) Have the client and the web Service to access to the same SAML Authority?
> (I have read anywhere that the SAML Authority only can be of STS type).

Client needs access to the STS as it requires to get tokens from the STS. And
Client <---> STS and
STS<---> Web
must trust each other. Sometimes service don't need to access the STS
to validate the SAML token. In the examples of Rampart, service itself
validates the SAML token and it doesn't access the STS. But there is a
pre configured trust between the STS and the service.

> 2) Covers RAHAS all the scenarios of SAML interaction between these actors
> or there are any limitations currently?

RAMPART/RAHAS can use SAML token as a supporting token and as a
protection token. So those two scenarios are pretty covered.
WS Trust specification defines four bindings. Namely Issue , Validate,
Renew, Cancel bindings. At the moment, Rampart only facilitate Issue
and Cancel bindings. But we may be able to get the other two bindings
working before the next release of Apache Rampart.

thanks,
/nandana




> 2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> > Hi Jens,
> >   Not at the moment. But we will include a one before next release.
> >
> > thanks,
> > nandana
> >
> > On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> > <[EMAIL PROTECTED]> wrote:
> > >
> > >  Hello Nunny,
> > >
> > >  is there any sample available where the SAML token can be used as a
> > >  protection token for signing and encrypting messages?
> > >
> > >  Thanks,
> > >  Jens
> > >
> > >
> > >
> > >
> > >
> > >  Nunny wrote:
> > >  >
> > >  > Hi Nuria,
> > >  >
> > >  >> I've some doubts about SAML with axis2. I need to know if the
> sample05
> > >  >> covers all the the SAML cases.
> > >  >
> > >  > No, it covers only one scenario. For example, this uses SAML token as
> a
> > >  > supporting token. There is another scenarios where SAML token can be
> > >  > used as a protection token where it will be used to sign and encrypt
> > >  > messages.
> > >  >
> > >  >
> > >  >
> > >  >> We first receive the SAML token response then we indicate, in the
> options
> > >  >> the responseToken id
> > >  >> I don't know where we are sending to the server the SAML assertion
> in the
> > >  >> soapMessage
> > >  >
> > >  > When the id is set, Rampart message builders add the assertion to the
> > >  > security
> > >  > header according to the security policy. If you monitor the messages
> > >  > exchanged
> > >  > through TCPMon, then you can actually see the SAML assertion in the
> > >  > security
> > >  > header of the SOAP request to the service.
> > >  >
> > >  >> Another thing is to know what are the requestSecurityToken
> parameters.
> > >  >
> > >  > In the client, we set these parameters using RST template.
> > >  >
> > >  > private static OMElement getRSTTemplate() throws Exception {
> > >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> > >  >   OMElement elem =
> > >  > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
> > >  >   TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> > >  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> > >  >   TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02,
> elem,
> > >  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> > >  >   TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02,
> elem, 256);
> > >  >   return elem;
> > >  > }
> > >  >
> > >  > These parameters are defined in the WS Trust specification [1].
> > >  >
> > >  > /nandana
> > >  >
> > >  > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> > >  >
> > >  > http://nandana83.blogspot.com/
> > >  > http://nandanasm.wordpress.com/
> > >  >
> > >
> > > > -
> > >  > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > >  > For additional commands, e-mail: [EMAIL PROTECTED]
> > >  >
> > >  >
> > >  >
> > >
> > >  --
> > >  View this message in context:
> http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
> > >  Sent from the Axis - User mailing list archive at Nabble.com.
> > >
> > >
> > >
> > >
> > >  -
> > >  To unsubscribe, e-mail: [EMAIL PROTECTED]
> > >  For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>

http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-14 Thread Nuria Rodríguez García

Hi Nandana,



Regarding to the last mail:

We are using STS as SAML Authority using RAHAS module and we would need to
tell our customer what can be done for the moment using RAHAS (and what
can´t be done, we don´t want to give too many expectations).

In an scenario where we have the following actors:

A client accessing a WebService, and a SAML Authority (STS):

1) Have the client and the web Service to access to the same SAML
Authority?  (I have read anywhere that the SAML Authority only can be of STS
type).

2) Covers RAHAS all the scenarios of SAML interaction between these actors
or there are any limitations currently?



Thanks, Nuria





2008/2/14, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Jens,
>   Not at the moment. But we will include a one before next release.
>
> thanks,
> nandana
>
> On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
> <[EMAIL PROTECTED]> wrote:
> >
> >  Hello Nunny,
> >
> >  is there any sample available where the SAML token can be used as a
> >  protection token for signing and encrypting messages?
> >
> >  Thanks,
> >  Jens
> >
> >
> >
> >
> >
> >  Nunny wrote:
> >  >
> >  > Hi Nuria,
> >  >
> >  >> I've some doubts about SAML with axis2. I need to know if the
> sample05
> >  >> covers all the the SAML cases.
> >  >
> >  > No, it covers only one scenario. For example, this uses SAML token as
> a
> >  > supporting token. There is another scenarios where SAML token can be
> >  > used as a protection token where it will be used to sign and encrypt
> >  > messages.
> >  >
> >  >
> >  >
> >  >> We first receive the SAML token response then we indicate, in the
> options
> >  >> the responseToken id
> >  >> I don't know where we are sending to the server the SAML assertion
> in the
> >  >> soapMessage
> >  >
> >  > When the id is set, Rampart message builders add the assertion to the
> >  > security
> >  > header according to the security policy. If you monitor the messages
> >  > exchanged
> >  > through TCPMon, then you can actually see the SAML assertion in the
> >  > security
> >  > header of the SOAP request to the service.
> >  >
> >  >> Another thing is to know what are the requestSecurityToken
> parameters.
> >  >
> >  > In the client, we set these parameters using RST template.
> >  >
> >  > private static OMElement getRSTTemplate() throws Exception {
> >  >   OMFactory fac = OMAbstractFactory.getOMFactory();
> >  >   OMElement elem =
> >  > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
> >  >   TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> >  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> >  >   TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02,
> elem,
> >  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> >  >   TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02,
> elem, 256);
> >  >   return elem;
> >  > }
> >  >
> >  > These parameters are defined in the WS Trust specification [1].
> >  >
> >  > /nandana
> >  >
> >  > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> >  >
> >  > http://nandana83.blogspot.com/
> >  > http://nandanasm.wordpress.com/
> >  >
> >
> > > -
> >  > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >  > For additional commands, e-mail: [EMAIL PROTECTED]
> >  >
> >  >
> >  >
> >
> >  --
> >  View this message in context:
> http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
> >  Sent from the Axis - User mailing list archive at Nabble.com.
> >
> >
> >
> >
> >  -
> >  To unsubscribe, e-mail: [EMAIL PROTECTED]
> >  For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: SAML with Axis2

2008-02-14 Thread Nandana Mihindukulasooriya

Hi Jens,
   Not at the moment. But we will include a one before next release.

thanks,
nandana

On Tue, Feb 12, 2008 at 2:31 PM, Jens Goldhammer
<[EMAIL PROTECTED]> wrote:
>
>  Hello Nunny,
>
>  is there any sample available where the SAML token can be used as a
>  protection token for signing and encrypting messages?
>
>  Thanks,
>  Jens
>
>
>
>
>
>  Nunny wrote:
>  >
>  > Hi Nuria,
>  >
>  >> I've some doubts about SAML with axis2. I need to know if the sample05
>  >> covers all the the SAML cases.
>  >
>  > No, it covers only one scenario. For example, this uses SAML token as a
>  > supporting token. There is another scenarios where SAML token can be
>  > used as a protection token where it will be used to sign and encrypt
>  > messages.
>  >
>  >
>  >
>  >> We first receive the SAML token response then we indicate, in the options
>  >> the responseToken id
>  >> I don't know where we are sending to the server the SAML assertion in the
>  >> soapMessage
>  >
>  > When the id is set, Rampart message builders add the assertion to the
>  > security
>  > header according to the security policy. If you monitor the messages
>  > exchanged
>  > through TCPMon, then you can actually see the SAML assertion in the
>  > security
>  > header of the SOAP request to the service.
>  >
>  >> Another thing is to know what are the requestSecurityToken parameters.
>  >
>  > In the client, we set these parameters using RST template.
>  >
>  > private static OMElement getRSTTemplate() throws Exception {
>  >   OMFactory fac = OMAbstractFactory.getOMFactory();
>  >   OMElement elem =
>  > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
>  >   TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
>  > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
>  >   TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
>  > RahasConstants.KEY_TYPE_PUBLIC_KEY);
>  >   TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 
> 256);
>  >   return elem;
>  > }
>  >
>  > These parameters are defined in the WS Trust specification [1].
>  >
>  > /nandana
>  >
>  > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
>  >
>  > http://nandana83.blogspot.com/
>  > http://nandanasm.wordpress.com/
>  >
>
> > -
>  > To unsubscribe, e-mail: [EMAIL PROTECTED]
>  > For additional commands, e-mail: [EMAIL PROTECTED]
>  >
>  >
>  >
>
>  --
>  View this message in context: 
> http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
>  Sent from the Axis - User mailing list archive at Nabble.com.
>
>
>
>
>  -
>  To unsubscribe, e-mail: [EMAIL PROTECTED]
>  For additional commands, e-mail: [EMAIL PROTECTED]
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-13 Thread Nandana Mihindukulasooriya

Hi Nuria,
   Can you please explain what you meant ? I am sorry, I didn't
get what you
asked.

thanks,
/nandana

On Feb 12, 2008 3:27 PM, Nuria Rodríguez García <[EMAIL PROTECTED]> wrote:
> Hi Nandana,
>
> I've a doubt about the STS. Do the service and client limited to deploy the
> rahas module to use STS or they can use different type of SAML Authority?.
> If the SAML authority is not STS could our client connect to this SAML
> authority or is limited to the STS?
>
> Thanks, Nuria
>
>
>
>
> 2008/2/12, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> >
> >
> >
> > Hi Nuria,
> >
> > > I've some doubts about SAML with axis2. I need to know if the sample05
> > > covers all the the SAML cases.
> >
> > No, it covers only one scenario. For example, this uses SAML token as a
> > supporting token. There is another scenarios where SAML token can be
> > used as a protection token where it will be used to sign and encrypt
> > messages.
> >
> > > We first receive the SAML token response then we indicate, in the
> options
> > > the responseToken id
> > > I don't know where we are sending to the server the SAML assertion in
> the
> > > soapMessage
> >
> > When the id is set, Rampart message builders add the assertion to the
> security
> > header according to the security policy. If you monitor the messages
> exchanged
> > through TCPMon, then you can actually see the SAML assertion in the
> security
> > header of the SOAP request to the service.
> >
> > > Another thing is to know what are the requestSecurityToken parameters.
> >
> > In the client, we set these parameters using RST template.
> >
> >private static OMElement getRSTTemplate() throws Exception {
> >OMFactory fac = OMAbstractFactory.getOMFactory();
> >OMElement elem =
> > fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
> >TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> > elem).setText(RahasConstants.TOK_TYPE_SAML_10);
> >TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
> > RahasConstants.KEY_TYPE_PUBLIC_KEY);
> >TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem,
> 256);
> >return elem;
> >}
> >
> > These parameters are defined in the WS Trust specification [1].
> >
> > /nandana
> >
> > [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> >
> > http://nandana83.blogspot.com/
> > http://nandanasm.wordpress.com/
> >
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-12 Thread Nuria Rodríguez García

Hi Nandana,

I've a doubt about the STS. Do the service and client limited to deploy the
rahas module to use STS or they can use different type of SAML Authority?.
If the SAML authority is not STS could our client connect to this SAML
authority or is limited to the STS?

Thanks, Nuria




2008/2/12, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > I've some doubts about SAML with axis2. I need to know if the sample05
> > covers all the the SAML cases.
>
> No, it covers only one scenario. For example, this uses SAML token as a
> supporting token. There is another scenarios where SAML token can be
> used as a protection token where it will be used to sign and encrypt
> messages.
>
> > We first receive the SAML token response then we indicate, in the
> options
> > the responseToken id
> > I don't know where we are sending to the server the SAML assertion in
> the
> > soapMessage
>
> When the id is set, Rampart message builders add the assertion to the
> security
> header according to the security policy. If you monitor the messages
> exchanged
> through TCPMon, then you can actually see the SAML assertion in the
> security
> header of the SOAP request to the service.
>
> > Another thing is to know what are the requestSecurityToken parameters.
>
> In the client, we set these parameters using RST template.
>
>private static OMElement getRSTTemplate() throws Exception {
>OMFactory fac = OMAbstractFactory.getOMFactory();
>OMElement elem =
> fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
>TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> elem).setText(RahasConstants.TOK_TYPE_SAML_10);
>TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
> RahasConstants.KEY_TYPE_PUBLIC_KEY);
>TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem,
> 256);
>return elem;
>}
>
> These parameters are defined in the WS Trust specification [1].
>
> /nandana
>
> [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: SAML with Axis2

2008-02-12 Thread Jens Goldhammer


Hello Nunny,

is there any sample available where the SAML token can be used as a
protection token for signing and encrypting messages?

Thanks,
Jens



Nunny wrote:
> 
> Hi Nuria,
> 
>> I've some doubts about SAML with axis2. I need to know if the sample05
>> covers all the the SAML cases.
> 
> No, it covers only one scenario. For example, this uses SAML token as a
> supporting token. There is another scenarios where SAML token can be
> used as a protection token where it will be used to sign and encrypt
> messages.
> 
> 
> 
>> We first receive the SAML token response then we indicate, in the options
>> the responseToken id
>> I don't know where we are sending to the server the SAML assertion in the
>> soapMessage
> 
> When the id is set, Rampart message builders add the assertion to the
> security
> header according to the security policy. If you monitor the messages
> exchanged
> through TCPMon, then you can actually see the SAML assertion in the
> security
> header of the SOAP request to the service.
> 
>> Another thing is to know what are the requestSecurityToken parameters.
> 
> In the client, we set these parameters using RST template.
> 
> private static OMElement getRSTTemplate() throws Exception {
>   OMFactory fac = OMAbstractFactory.getOMFactory();
>   OMElement elem =
> fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
>   TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> elem).setText(RahasConstants.TOK_TYPE_SAML_10);
>   TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
> RahasConstants.KEY_TYPE_PUBLIC_KEY);
>   TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
>   return elem;
> }
> 
> These parameters are defined in the WS Trust specification [1].
> 
> /nandana
> 
> [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
> 
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/SAML-with-Axis2-tp15314610p15429275.html
Sent from the Axis - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-12 Thread Nuria Rodríguez García

I can't see the assertion in the header of the message. Could it be because
this information is encryptied?


The soap message is the following:


http://schemas.xmlsoap.org/soap/envelope/"xmlns:xenc
="http://www.w3.org/2001/04/xmlenc#";>

http://www.w3.org/2005/08/addressing";>

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
" soapenv:mustUnderstand="1">

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" wsu:Id="Timestamp-18655235">

2008-02-11T08:29:14.629Z

2008-02-11T08:34:14.629Z





http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>

http://www.w3.org/2000/09/xmldsig#";>



http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
" ValueType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
">HYL371NzoOs2+IA24VDkBGcUFQM=








NS8hopFGnXC0p1Wma5EppZyhltrqoG/Xc6awAEYNoP8ZG7OCIbss4n9EbiKvE/Cc7qoJaJF7hbjp0fpTASStbb4/mABDSw6ZhYmS5VOgZpKnSyiX1DVeyWpXZkJmw2pFfZwXwlV0Z7zL05+TtY+fA/ofPBlUCnrBJFYOaeUYMlA=








http://www.w3.org/2000/09/xmldsig#"; Id="
Signature-18871350">



http://www.w3.org/2001/10/xml-exc-c14n#"/>

http://www.w3.org/2000/09/xmldsig#hmac-sha1
"/>





http://www.w3.org/2001/10/xml-exc-c14n#"/>



http://www.w3.org/2000/09/xmldsig#sha1"/>

kTTbXVwC6Hqhw+aPoSClk+I1MQ8=







http://www.w3.org/2001/10/xml-exc-c14n#"/>



http://www.w3.org/2000/09/xmldsig#sha1"/>

QL1srEXsHEJxBVvISWC6qqC135Q=





Pl4+PwCkehIyXTKWaruQTsS7gGE=



http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" wsu:Id="STRId-18725445">

http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-soap-message-security-1.1#EncryptedKey
"/>









http://localhost:8081/axis2/services/sample05?wsdl

urn:uuid:7CD0DAE693C1E94AFF1202718554608

urn:echo



http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" wsu:Id="Id-14721926">

http://sample05.policy.samples.rampart.apache.org";>

Hello world1









2008/2/12, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > I've some doubts about SAML with axis2. I need to know if the sample05
> > covers all the the SAML cases.
>
> No, it covers only one scenario. For example, this uses SAML token as a
> supporting token. There is another scenarios where SAML token can be
> used as a protection token where it will be used to sign and encrypt
> messages.
>
> > We first receive the SAML token response then we indicate, in the
> options
> > the responseToken id
> > I don't know where we are sending to the server the SAML assertion in
> the
> > soapMessage
>
> When the id is set, Rampart message builders add the assertion to the
> security
> header according to the security policy. If you monitor the messages
> exchanged
> through TCPMon, then you can actually see the SAML assertion in the
> security
> header of the SOAP request to the service.
>
> > Another thing is to know what are the requestSecurityToken parameters.
>
> In the client, we set these parameters using RST template.
>
>private static OMElement getRSTTemplate() throws Exception {
>OMFactory fac = OMAbstractFactory.getOMFactory();
>OMElement elem =
> fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
>TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
> elem).setText(RahasConstants.TOK_TYPE_SAML_10);
>TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
> RahasConstants.KEY_TYPE_PUBLIC_KEY);
>TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem,
> 256);
>return elem;
>}
>
> These parameters are defined in the WS Trust specification [1].
>
> /nandana
>
> [1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: SAML with Axis2

2008-02-11 Thread Nandana Mihindukulasooriya

Hi Nuria,

> I've some doubts about SAML with axis2. I need to know if the sample05
> covers all the the SAML cases.

No, it covers only one scenario. For example, this uses SAML token as a
supporting token. There is another scenarios where SAML token can be
used as a protection token where it will be used to sign and encrypt
messages.

> We first receive the SAML token response then we indicate, in the options
> the responseToken id
> I don't know where we are sending to the server the SAML assertion in the
> soapMessage

When the id is set, Rampart message builders add the assertion to the security
header according to the security policy. If you monitor the messages exchanged
through TCPMon, then you can actually see the SAML assertion in the security
header of the SOAP request to the service.

> Another thing is to know what are the requestSecurityToken parameters.

In the client, we set these parameters using RST template.

private static OMElement getRSTTemplate() throws Exception {
OMFactory fac = OMAbstractFactory.getOMFactory();
OMElement elem =
fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02,
elem).setText(RahasConstants.TOK_TYPE_SAML_10);
TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem,
RahasConstants.KEY_TYPE_PUBLIC_KEY);
TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256);
return elem;
}

These parameters are defined in the WS Trust specification [1].

/nandana

[1] - specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf

http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-11 Thread Nuria Rodríguez García

Hi again:

I've some doubts about SAML with axis2. I need to know if the sample05
covers all the the SAML cases.

We first receive the SAML token response then we indicate, in the options
the responseToken id
I don't know where we are sending to the server the SAML assertion in the
soapMessage

Another thing is to know what are the requestSecurityToken parameters.

Thanks,
Nuria



2008/2/8, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,  Are you using the latest Rampart jars ? Can you post the
> SOAP
> response you get from the server ?
> I checked the sample with the trunk and it worked fine for me.
>  Please take a look at this [1] thread too.
>
> Thanks,
> /nandana
>
> [1] - http://marc.info/?t=12017867083&r=1&w=2
>
> On Feb 8, 2008 7:03 PM, Nuria Rodríguez García <[EMAIL PROTECTED]>
> wrote:
> > Hi Nandana,
> >
> > I could deploy the services without problem. But now when I execute the
> > client side I receive the following error.
> > Exception in thread "main" org.apache.axis2.AxisFault: An error was
> > discovered processing the  header. (Reference URI is
> > null)[java] at
> > org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java
> :486)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
> OutInAxisOperation.java:343)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.send(
> OutInAxisOperation.java:389)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
> OutInAxisOperation.java:211)[java]
> > at
> > org.apache.axis2.client.OperationClient.execute(OperationClient.java
> :163)[java]
> > at
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java
> :528)[java]
> > at
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java
> :508)[java]
> > at org.apache.rampart.samples.policy.sample05.Client.main(Unknown
> Source)
> >
> > I could see that the Assertion doesn't appear in the soap envelope
> header
> >
> > Thanks,
> > Nuria
> >
> > 2008/2/7, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> > >
> > >
> > >
> > > Hi Nuria,
> > >
> > > > In sample05 I can see that in the "requestSecurityToken" method the
> EPR
> > that
> > > > It's used is http://localhost:8080/axis2/services/STS but if I put
> this
> > url
> > > > in my browser I receive an error page
> > >
> > > Did you follow the following steps ?
> > >
> > > 1.) Set the AXIS2_HOME system variable to point to your axis2 home
> > directory
> > >
> > > 2.) Run the ant task "service.05" ( you have to have apache ant
> installed
> > )
> > > eg.)
> > > /path-to-rampart-source/modules/rampart-samples/policy$ ant service.05
> > >
> > > you must then be able to see something like
> > >
> > > [java] [SimpleHTTPServer] Starting
> > > [java] [SimpleHTTPServer] Using the Axis2 Repository
> > >
> >
> /home/nandana/work/workspace/apache/rampart/modules/rampart-samples/policy/build/service_repositories/sample05
> > > [java] [SimpleHTTPServer] Listening on port 8080
> > > [java] [SimpleHTTPServer] Started
> > > [java] 2008-02-07 16:39:25,670 INFO
> > > org.apache.axis2.transport.http.server.DefaultConnectionListener -
> > > Listening on port 8080
> > >
> > > along with some other information in the console and
> > >
> > > http://localhost:8080/axis2/services/STS?wsdl
> > > http://localhost:8080/axis2/services/sample05?wsdl
> > >
> > > should show the WSDLs of the STS and the service.
> > >
> > > regards,
> > > nandana
> > >
> > > http://nandana83.blogspot.com/
> > > http://nandanasm.wordpress.com/
> > >
> > > -
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
>
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: SAML with Axis2

2008-02-08 Thread Nuria Rodríguez García

Hi again!!

Well, I have put all in SNAPSHOT and works.

Thank you very much.



2008/2/8, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>   Are you using the latest Rampart jars ? Can you post the SOAP
> response you get from the server ?
> I checked the sample with the trunk and it worked fine for me.
>  Please take a look at this [1] thread too.
>
> Thanks,
> /nandana
>
> [1] - http://marc.info/?t=12017867083&r=1&w=2
>
> On Feb 8, 2008 7:03 PM, Nuria Rodríguez García <[EMAIL PROTECTED]>
> wrote:
> > Hi Nandana,
> >
> > I could deploy the services without problem. But now when I execute the
> > client side I receive the following error.
> > Exception in thread "main" org.apache.axis2.AxisFault: An error was
> > discovered processing the  header. (Reference URI is
> > null)[java] at
> > org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java
> :486)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
> OutInAxisOperation.java:343)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.send(
> OutInAxisOperation.java:389)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
> OutInAxisOperation.java:211)[java]
> > at
> > org.apache.axis2.client.OperationClient.execute(OperationClient.java
> :163)[java]
> > at
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java
> :528)[java]
> > at
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java
> :508)[java]
> > at org.apache.rampart.samples.policy.sample05.Client.main(Unknown
> Source)
> >
> > I could see that the Assertion doesn't appear in the soap envelope
> header
> >
> > Thanks,
> > Nuria
> >
> > 2008/2/7, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> > >
> > >
> > >
> > > Hi Nuria,
> > >
> > > > In sample05 I can see that in the "requestSecurityToken" method the
> EPR
> > that
> > > > It's used is http://localhost:8080/axis2/services/STS but if I put
> this
> > url
> > > > in my browser I receive an error page
> > >
> > > Did you follow the following steps ?
> > >
> > > 1.) Set the AXIS2_HOME system variable to point to your axis2 home
> > directory
> > >
> > > 2.) Run the ant task "service.05" ( you have to have apache ant
> installed
> > )
> > > eg.)
> > > /path-to-rampart-source/modules/rampart-samples/policy$ ant service.05
> > >
> > > you must then be able to see something like
> > >
> > > [java] [SimpleHTTPServer] Starting
> > > [java] [SimpleHTTPServer] Using the Axis2 Repository
> > >
> >
> /home/nandana/work/workspace/apache/rampart/modules/rampart-samples/policy/build/service_repositories/sample05
> > > [java] [SimpleHTTPServer] Listening on port 8080
> > > [java] [SimpleHTTPServer] Started
> > > [java] 2008-02-07 16:39:25,670 INFO
> > > org.apache.axis2.transport.http.server.DefaultConnectionListener -
> > > Listening on port 8080
> > >
> > > along with some other information in the console and
> > >
> > > http://localhost:8080/axis2/services/STS?wsdl
> > > http://localhost:8080/axis2/services/sample05?wsdl
> > >
> > > should show the WSDLs of the STS and the service.
> > >
> > > regards,
> > > nandana
> > >
> > > http://nandana83.blogspot.com/
> > > http://nandanasm.wordpress.com/
> > >
> > > -
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
>
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: SAML with Axis2

2008-02-08 Thread Nuria Rodríguez García

Hi,

I'm using rampart-1.3.
The soap response I get from the server is:


http://schemas.xmlsoap.org/soap/envelope/"xmlns:wsa
="http://www.w3.org/2005/08/addressing";>



http://www.w3.org/2005/08/addressing/soap/fault

urn:uuid:491E0CE6F9BE8324DB1202511282800







soapenv:Server

An error was discovered processing the
header. (Reference URI is null)




org.apache.axis2.AxisFault: An error was discovered processing
the  header. (Reference URI is null)

at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java
:88)

at org.apache.axis2.engine.Phase.invoke(Phase.java:292)

at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)

at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:132)

at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest
(HTTPTransportUtils.java:275)

at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java
:256)

at org.apache.axis2.transport.http.server.AxisHttpService.doService(
AxisHttpService.java:259)

at org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(
AxisHttpService.java:166)

at org.apache.axis2.transport.http.server.HttpServiceProcessor.run(
HttpServiceProcessor.java:85)

at
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.runTask
(ThreadPoolExecutor.java:665)

at
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run
(ThreadPoolExecutor.java:690)

at java.lang.Thread.run(Unknown Source)

Caused by: org.apache.ws.security.WSSecurityException: An error was
discovered processing the  header. (Reference URI is
null)

at
org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement(
SecurityTokenReference.java:192)

at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(
SignatureProcessor.java:197)

at org.apache.ws.security.processor.SignatureProcessor.handleToken(
SignatureProcessor.java:85)

at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:284)

at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:206)

at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:159)

at org.apache.rampart.RampartEngine.process(RampartEngine.java:127)

at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java
:85)

... 11 more










Thanks,
Nuria


2008/2/8, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>   Are you using the latest Rampart jars ? Can you post the SOAP
> response you get from the server ?
> I checked the sample with the trunk and it worked fine for me.
>  Please take a look at this [1] thread too.
>
> Thanks,
> /nandana
>
> [1] - http://marc.info/?t=12017867083&r=1&w=2
>
> On Feb 8, 2008 7:03 PM, Nuria Rodríguez García <[EMAIL PROTECTED]>
> wrote:
> > Hi Nandana,
> >
> > I could deploy the services without problem. But now when I execute the
> > client side I receive the following error.
> > Exception in thread "main" org.apache.axis2.AxisFault: An error was
> > discovered processing the  header. (Reference URI is
> > null)[java] at
> > org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java
> :486)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
> OutInAxisOperation.java:343)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.send(
> OutInAxisOperation.java:389)[java]
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
> OutInAxisOperation.java:211)[java]
> > at
> > org.apache.axis2.client.OperationClient.execute(OperationClient.java
> :163)[java]
> > at
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java
> :528)[java]
> > at
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java
> :508)[java]
> > at org.apache.rampart.samples.policy.sample05.Client.main(Unknown
> Source)
> >
> > I could see that the Assertion doesn't appear in the soap envelope
> header
> >
> > Thanks,
> > Nuria
> >
> > 2008/2/7, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> > >
> > >
> > >
> > > Hi Nuria,
> > >
> > > > In sample05 I can see that in the "requestSecurityToken" method the
> EPR
> > that
> > > > It's used is http://localhost:8080/axis2/services/STS but if I put
> this
> > url
> > > > in my browser I receive an error page
> > >
> > > Did you follow the following steps ?
> > >
> > > 1.) Set the AXIS2_HOME system variable to point to your axis2 home
> > directory
> > >
> > > 2.) Run the ant task "service.05" ( you have to have apache ant
> installed
> > )
> > > eg.)
> > > /path-to-rampart-source/modules/rampart-samples/policy$ ant service.05
> > >
> > > you must then be able to see something like
> > >
> > > [java] [SimpleHTTPServer] Starting
> > > [java] [SimpleHTTPServer] Using the Axis2 Repository
> > >
> >
> /home/nandana/work/workspace/apache/rampart/modules/ra

Re: SAML with Axis2

2008-02-08 Thread Nandana Mihindukulasooriya

Hi Nuria,
   Are you using the latest Rampart jars ? Can you post the SOAP
response you get from the server ?
I checked the sample with the trunk and it worked fine for me.
  Please take a look at this [1] thread too.

Thanks,
/nandana

[1] - http://marc.info/?t=12017867083&r=1&w=2

On Feb 8, 2008 7:03 PM, Nuria Rodríguez García <[EMAIL PROTECTED]> wrote:
> Hi Nandana,
>
> I could deploy the services without problem. But now when I execute the
> client side I receive the following error.
> Exception in thread "main" org.apache.axis2.AxisFault: An error was
> discovered processing the  header. (Reference URI is
> null)[java] at
> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)[java]
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)[java]
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)[java]
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)[java]
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)[java]
> at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)[java]
> at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)[java]
> at org.apache.rampart.samples.policy.sample05.Client.main(Unknown Source)
>
> I could see that the Assertion doesn't appear in the soap envelope header
>
> Thanks,
> Nuria
>
> 2008/2/7, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
> >
> >
> >
> > Hi Nuria,
> >
> > > In sample05 I can see that in the "requestSecurityToken" method the EPR
> that
> > > It's used is http://localhost:8080/axis2/services/STS but if I put this
> url
> > > in my browser I receive an error page
> >
> > Did you follow the following steps ?
> >
> > 1.) Set the AXIS2_HOME system variable to point to your axis2 home
> directory
> >
> > 2.) Run the ant task "service.05" ( you have to have apache ant installed
> )
> > eg.)
> > /path-to-rampart-source/modules/rampart-samples/policy$ ant service.05
> >
> > you must then be able to see something like
> >
> > [java] [SimpleHTTPServer] Starting
> > [java] [SimpleHTTPServer] Using the Axis2 Repository
> >
> /home/nandana/work/workspace/apache/rampart/modules/rampart-samples/policy/build/service_repositories/sample05
> > [java] [SimpleHTTPServer] Listening on port 8080
> > [java] [SimpleHTTPServer] Started
> > [java] 2008-02-07 16:39:25,670 INFO
> > org.apache.axis2.transport.http.server.DefaultConnectionListener -
> > Listening on port 8080
> >
> > along with some other information in the console and
> >
> > http://localhost:8080/axis2/services/STS?wsdl
> > http://localhost:8080/axis2/services/sample05?wsdl
> >
> > should show the WSDLs of the STS and the service.
> >
> > regards,
> > nandana
> >
> > http://nandana83.blogspot.com/
> > http://nandanasm.wordpress.com/
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>


http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-08 Thread Nuria Rodríguez García

Hi Nandana,

I could deploy the services without problem. But now when I execute the
client side I receive the following error.
Exception in thread "main" org.apache.axis2.AxisFault: An error was
discovered processing the  header. (Reference URI is null)[*
java*] at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(*
Utils.java:486*)[*java*] at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(*
OutInAxisOperation.java:343*)[*java*] at
org.apache.axis2.description.OutInAxisOperationClient.send(*
OutInAxisOperation.java:389*)[*java*] at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(*
OutInAxisOperation.java:211*)[*java*] at
org.apache.axis2.client.OperationClient.execute(*OperationClient.java:163*)[
*java*] at org.apache.axis2.client.ServiceClient.sendReceive(*
ServiceClient.java:528*)[*java*] at
org.apache.axis2.client.ServiceClient.sendReceive(*ServiceClient.java:508*)[
*java*] at org.apache.rampart.samples.policy.sample05.Client.main(Unknown
Source)

I could see that the Assertion doesn't appear in the soap envelope header

Thanks,
Nuria

2008/2/7, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
> > In sample05 I can see that in the "requestSecurityToken" method the EPR
> that
> > It's used is http://localhost:8080/axis2/services/STS but if I put this
> url
> > in my browser I receive an error page
>
> Did you follow the following steps ?
>
> 1.) Set the AXIS2_HOME system variable to point to your axis2 home
> directory
>
> 2.) Run the ant task "service.05" ( you have to have apache ant installed
> )
> eg.)
> /path-to-rampart-source/modules/rampart-samples/policy$ ant service.05
>
> you must then be able to see something like
>
> [java] [SimpleHTTPServer] Starting
> [java] [SimpleHTTPServer] Using the Axis2 Repository
>
> /home/nandana/work/workspace/apache/rampart/modules/rampart-samples/policy/build/service_repositories/sample05
> [java] [SimpleHTTPServer] Listening on port 8080
> [java] [SimpleHTTPServer] Started
> [java] 2008-02-07 16:39:25,670 INFO
> org.apache.axis2.transport.http.server.DefaultConnectionListener -
> Listening on port 8080
>
> along with some other information in the console and
>
> http://localhost:8080/axis2/services/STS?wsdl
> http://localhost:8080/axis2/services/sample05?wsdl
>
> should show the WSDLs of the STS and the service.
>
> regards,
> nandana
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: SAML with Axis2

2008-02-07 Thread Nandana Mihindukulasooriya

Hi Nuria,

> In sample05 I can see that in the "requestSecurityToken" method the EPR that
> It's used is http://localhost:8080/axis2/services/STS but if I put this url
> in my browser I receive an error page

Did you follow the following steps ?

1.) Set the AXIS2_HOME system variable to point to your axis2 home directory

2.) Run the ant task "service.05" ( you have to have apache ant installed )
eg.)
/path-to-rampart-source/modules/rampart-samples/policy$ ant service.05

you must then be able to see something like

 [java] [SimpleHTTPServer] Starting
 [java] [SimpleHTTPServer] Using the Axis2 Repository
/home/nandana/work/workspace/apache/rampart/modules/rampart-samples/policy/build/service_repositories/sample05
 [java] [SimpleHTTPServer] Listening on port 8080
 [java] [SimpleHTTPServer] Started
 [java] 2008-02-07 16:39:25,670 INFO
org.apache.axis2.transport.http.server.DefaultConnectionListener -
Listening on port 8080

along with some other information in the console and

http://localhost:8080/axis2/services/STS?wsdl
http://localhost:8080/axis2/services/sample05?wsdl

should show the WSDLs of the STS and the service.

regards,
nandana

http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML with Axis2

2008-02-07 Thread Nuria Rodríguez García

Thank you very much for your help.

I've deployed the rahas module. But now I don't know what is the EPR to
connect to the STS service.
In sample05 I can see that in the "requestSecurityToken" method the EPR that
It's used is http://localhost:8080/axis2/services/STS but if I put this url
in my browser I receive an error page

Regards,
Nuria



2008/2/6, Nandana Mihindukulasooriya <[EMAIL PROTECTED]>:
>
> Hi Nuria,
>
>  I'm new in SAML with Axis2. I need using it in my web application so I
> > would like to know if it's possible to implement it thought WSS4J without
> > rampart module.
> >
>
> IFAIK, Rahas module handles trust related stuff in Rampart. So I don't
> think you will be able do this only with WSS4J.
>
>
> >  If it is not possible is there some explanation about the rampart
> > sample05?
> >
>
> Rampart sample 05 demonstrates how a client can obtain a SAML token from a
> STS and use that token as supporting token to authenticate to a web service.
>
>
>
>
> >  I can't find the rampart-trust.mar module.
> >
>
> It is the rahas.mar ( rampart trust module ). You can find the source [1]
> and the binary [2] in the given links.
>
> regards,
> /nandana
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> [1] -
> https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-trust-mar/
> [2] -
> http://people.apache.org/repo/m2-snapshot-repository/org/apache/rampart/rahas/SNAPSHOT/
>

Re: SAML with Axis2

2008-02-06 Thread Nandana Mihindukulasooriya

Hi Nuria,

I'm new in SAML with Axis2. I need using it in my web application so I would
> like to know if it's possible to implement it thought WSS4J without rampart
> module.
>

IFAIK, Rahas module handles trust related stuff in Rampart. So I don't think
you will be able do this only with WSS4J.


>  If it is not possible is there some explanation about the rampart
> sample05?
>

Rampart sample 05 demonstrates how a client can obtain a SAML token from a
STS and use that token as supporting token to authenticate to a web service.


I can't find the rampart-trust.mar module.
>

It is the rahas.mar ( rampart trust module ). You can find the source [1]
and the binary [2] in the given links.

regards,
/nandana

http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/

[1] -
https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-trust-mar/
[2] -
http://people.apache.org/repo/m2-snapshot-repository/org/apache/rampart/rahas/SNAPSHOT/

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

Re: SAML with Axis2

21 matches

Site Navigation

Mail list logo

Footer information