Are you using WS-SecurityPolicy? The only way I can think of to do this is if the STS is secured with a WS-SecurityPolicy expression that requires a SAML Token as a SupportingToken, see here for some examples:
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/DoubleItSaml.wsdl?view=markup In this case, you'll need to configure the client with a special callback handler to retrieve the SAML Assertion, for example: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/client/client.xml?view=markup The following example referenced above generates a new SAML Assertion: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java?view=markup However if you have access to the DOM Element you can just set this instead on the SAMLCallback object. Colm. On Tue, May 15, 2012 at 9:03 PM, Urmila & Sunil Bapat <[email protected]> wrote: > How do I configure the STSClient to pass in a existing SAML assertion? > The scenario is that the STS is secured by a SAML assertion. Therefore > to call the STS, we need to pass this SAML assertion. What properties > and callbacks can I configure on the STSClient to send this SAML > assertion in the header of the RequestSecurityToken call to the STS? > > Thanks > Sunil. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
