Return-Path: Delivered-To: apmail-ws-fx-dev-archive@www.apache.org Received: (qmail 78875 invoked from network); 26 Jul 2005 00:43:20 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 26 Jul 2005 00:43:20 -0000 Received: (qmail 36825 invoked by uid 500); 26 Jul 2005 00:43:18 -0000 Delivered-To: apmail-ws-fx-dev-archive@ws.apache.org Received: (qmail 36794 invoked by uid 500); 26 Jul 2005 00:43:18 -0000 Mailing-List: contact fx-dev-help@ws.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list fx-dev@ws.apache.org Received: (qmail 36781 invoked by uid 99); 26 Jul 2005 00:43:18 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Jul 2005 17:43:18 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=RCVD_BY_IP,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of atmanes@gmail.com designates 64.233.184.195 as permitted sender) Received: from [64.233.184.195] (HELO wproxy.gmail.com) (64.233.184.195) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Jul 2005 17:43:12 -0700 Received: by wproxy.gmail.com with SMTP id i24so978336wra for ; Mon, 25 Jul 2005 17:43:17 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=MNORNL2r637CgznWvPd/9JaCozWyXvRijZdYaY207GUdBG6GP24tzAhpVL2CGnd32zVgEeJxsG3vmHL8wx9x/JbY92bK/tf6kYfm2tAMrJ8QTToJGbL67j28cUX8ucIR6m+A01JsX/H1CaAylxUtK1ZIEjlIjxwELJ4dnj+nCMU= Received: by 10.54.38.57 with SMTP id l57mr2388905wrl; Mon, 25 Jul 2005 17:43:15 -0700 (PDT) Received: by 10.54.93.9 with HTTP; Mon, 25 Jul 2005 17:43:15 -0700 (PDT) Message-ID: Date: Mon, 25 Jul 2005 20:43:15 -0400 From: Anne Thomas Manes Reply-To: Anne Thomas Manes To: fx-dev@ws.apache.org Subject: Re: authentication, SAML In-Reply-To: <1122065712.4672.6.camel@l00073031.dian.gov.co> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <1122065712.4672.6.camel@l00073031.dian.gov.co> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N As defined by WS-Trust, a security token service (STS) is a web service that issues, renews, and validates security tokens. The client presents a set of claims, and if the claims provide sufficient proof, the STS returns the requested token. The client can then use the token to supply authentication information on subsequent SOAP requests. Each SOAP request must be re-authenticated, though, unless the client and server establish and maintain some type of extended security session. WS-SecureConversation defines a binding of WS-Trust for creating this type of extended security session. WS-SecureConversation defines a new token type called a security context token. When using WS-SecureConversation, the client and server need to authenticate each other only once at the start of the conversation. Anne On 7/22/05, Milton Fidel vega wrote: >=20 > Is correct, that the same system are the identiy provider and the > service provider supplier? (if there is not a identity provider ) >=20 >=20 > this is correct? >=20 > It's a Web Service exclusively for authentication, this emit the signed > assertion via web service response after the client has autenthicated > for te web service logic, so that in following calls to the Web services > business, the messages soap of the client include the assertion in the > soap headers and it are not authenticated again. >=20 >=20 >=20 > Thanks >=20 >=20 >