synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Seshi Patibanda <>
Subject Question on including SAML token in the Security header!
Date Tue, 27 Jan 2009 17:10:24 GMT
Hello all,

As per the thread seen on (, there was an update from
Ruchith Fernando dated Nov 4, 2007 about the ways to include the obtained
SAML token in the Security header.

First option was given as:

" By creating a wsse:*Security**header* element and adding the
*token*element into the
*header*. Rampart processing down the line will re-use this *header*. "

Could anyone please expand on how to implement this option using Apache
Rampart 1.4?

At my end, I have problems inserting an obtained SAML token in the Security
header of my SOAP request. I have sent an email to
axis-user@ws.apache.orgmailing list requesting feedback but haven't
received any yet. All I need to
do is just pass the retrieved SAML token to the remote web
service(SSL-enabled) via SOAP header in the request.

My configuration:
Deployed Apache Rampart 1.4 module correctly as per the samples. Using Axis2
1.4 client and stubs generated by WSDL2Java tool. Based on my configuration,
would policy based approach work? If so, does anyone have any sample
Transport-level security policies to implement the SAML passing?

Any feedback/suggestion is highly appreciated.


Seshi Patibanda

View raw message