Hi,

I don't know of any example with SSO demonstrated, but as I remember, SAML is supported by WSS4J (used in xfire-ws-security), so you can check the WSS4J docs for more info. Some samples of using Acegi with XFire can be found on the Articles page: http://xfire.codehaus.org/Articles

On 3/14/07, Andres Bernasconi <[EMAIL PROTECTED]> wrote:
List,

Do you have any examples of a web service (consumer) that uses a WS Single Sign On mechanism, as with SAML, to send credentials around? If possible (although I don't think this would be very complicated), it would use Acegi Security to give the application a handle to the Subject, thus allowing for automatic adding of credentials on outgoing messages from the called web service.

It would be something like this (I don't have experience with SAML, so the "language" or even the idea might be inaccurate):

Client calls a Web Service and authenticates itself.
Credentials are sent back to the client and stored (somewhere; ideally Acegi Security should have them around).
Client makes a call to WebService-A. An outHandler automatically gets the Subject information (including ticket, or whatever) and adds SAML Security information to the outgoing message.
WebService-A's inHandler analyzes the SAML Security Information. Based on it, it creates a Subject with all the roles defined.
If WebService-A calls any other web service, the same outHandler as in the Client is used to send credentials.

I was wondering about this because:

- I do not want passwords going around, not even if they are encrypted.
- I need the Subject's role information and name for business logic purposes and auditing.
- I want a "pluggable" way to do it, so I don't have to code this every time I create a web service / client. Just add a jar and configure Spring.

Any other feedback, help, pointers, or other ways to do this are, of course, more than welcome.

Regards,
Andres B.

-- ----- When one of our products stops working, we'll blame another vendor within 24 hours.
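
The propagation flow asked about in the quoted message, as an added example that is not part of the original thread and is not XFire, WSS4J or Acegi code: a signed assertion carrying only the subject name, roles and an expiry (a simplified stand-in for a SAML assertion, using JDK classes only) is issued once, checked by the same in-handler logic at each service, and forwarded unchanged. The class, method and subject/role names are hypothetical.

```java
import java.io.*;
import java.security.*;
import java.util.*;

public class AssertionPropagationDemo {
    // Simplified stand-in for a signed SAML assertion: subject, roles, expiry. No password.
    static final class Assertion {
        final String subject; final List<String> roles; final long notOnOrAfter;
        byte[] signature;
        Assertion(String subject, List<String> roles, long notOnOrAfter) {
            this.subject = subject; this.roles = roles; this.notOnOrAfter = notOnOrAfter;
        }
        // Length-prefixed encoding so field boundaries cannot be shifted under the signature.
        byte[] signedBytes() throws IOException {
            ByteArrayOutputStream buf = new ByteArrayOutputStream();
            DataOutputStream out = new DataOutputStream(buf);
            out.writeUTF(subject); out.writeLong(notOnOrAfter); out.writeInt(roles.size());
            for (String r : roles) out.writeUTF(r);
            return buf.toByteArray();
        }
    }
    // Authentication service: after login, issue a signed assertion to the client.
    static Assertion issue(PrivateKey key, String subject, List<String> roles, long ttlMs) throws Exception {
        Assertion a = new Assertion(subject, roles, System.currentTimeMillis() + ttlMs);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key); s.update(a.signedBytes());
        a.signature = s.sign();
        return a;
    }
    // In-handler of every service: verify issuer signature and expiry, then expose the roles.
    static List<String> inHandler(PublicKey issuerKey, Assertion a) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(issuerKey); s.update(a.signedBytes());
        if (!s.verify(a.signature)) throw new SecurityException("assertion signature invalid");
        if (System.currentTimeMillis() >= a.notOnOrAfter) throw new SecurityException("assertion expired");
        return a.roles;
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair issuer = gen.generateKeyPair();
        // Constructed sample subject and roles.
        Assertion a = issue(issuer.getPrivate(), "alice", Arrays.asList("ROLE_USER", "ROLE_AUDITOR"), 60_000);
        System.out.println("WebService-A sees " + a.subject + " " + inHandler(issuer.getPublic(), a));
        // WebService-A forwards the same assertion; the next service verifies it the same way.
        System.out.println("WebService-B sees " + a.subject + " " + inHandler(issuer.getPublic(), a));
        // An assertion whose roles were edited but whose signature was reused is rejected.
        Assertion forged = new Assertion("alice", Arrays.asList("ROLE_ADMIN"), a.notOnOrAfter);
        forged.signature = a.signature;
        try { inHandler(issuer.getPublic(), forged); }
        catch (SecurityException e) { System.out.println("forged assertion rejected: " + e.getMessage()); }
    }
}
```

Real SAML assertions also carry conditions such as an audience restriction, which this stand-in omits.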
