axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tim Williams" <>
Subject Re: Rampart interaction with client/provider/STS
Date Thu, 26 Jun 2008 15:05:57 GMT
On Thu, Jun 26, 2008 at 8:35 AM, Tim Williams <> wrote:
> So far the samples seem to explicitly (through API) retrieve a token
> from the STS.  I'm wondering whether this can be done declaratively
> only by way of the policy.  It seems that if I have a policy file
> exposed within a service's WSDL that states what STS that is
> acceptable, then the client shouldn't need to get a token through the
> API?
> In other words, in code I would expect something like:
> - setup a ServiceClient for the service provider endpoint
> - engage Rampart
> - load the service's policy document
> - call service
> and I would expect that based on Rampart's understanding of the policy
> it would know to retrieve a token from the STS prior to actually
> making the call to the service provider.
> If my expectation is wrong, then once I get a token from the STS
> programmatically, how do i attach it to the actual service call?

It seems my expectation was reasonable, I just tried Rampart 1.4
sample 06 and essentially does what i wanted.

On a side note, sample05 only seems to work *after* I successfully run
sample06.  If I type ant clean in the sample/policy directory then try
sample05 it's broken with something about a missing WSSE:Security

Sorry for the noise...

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message