axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dimuthu <>
Subject Re: Axis2 and rampart design question
Date Fri, 05 Oct 2007 11:48:21 GMT

If you want to configure claims you can use the callback mechanism as in
this test case[1].

If you want to obtain Username/passowrd then you can do it as specified
here[2]. You can look at this class for more different types of

Thank you,


On Fri, 2007-10-05 at 10:07 +0200, Massimiliano Masi wrote:
> Hi all,
> I am trying to setup a webservice that acts as WS-Trust STS with rampart.
> I've a design question.
> Clients sends the authentication claim in the wsse:Security element in the
> header (claims such as Username/Password, SAML Tokens, Kerberos and
> X.509 binary secrets). Based on the identity carried in this wsse:Security,
> the STS decide to issue or not the security token (that is my own  
> implementation
> of SAML2).
> Now I'm thinking: the wsse:Security element is detached by a module (that I
> will write I think, to get all my claims processed). But, detaching the
> header, I don't know anymore the identity of the user! So, I thought to
> put in the header of the SOAP message something like
> <identity>userIdentity</identity>
> so the STS implementation can have the information on the identity of the
> user (and can decide to issue a token).
> Have you other ideas? Does it looks good for you? Have you any pattern?
> I'll appreciate your hints!
> Thank you!
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message