'Re: Checking of SAML token from sts'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       rampart-dev
Subject:    Re: Checking of SAML token from sts
From:       Håkon_Sagehaug <Hakon.Sagehaug () bccs ! uib ! no>
Date:       2009-05-22 10:50:54
Message-ID: d535d76f0905220350m4ababb8ewa6aa5071248e06af () mail ! gmail ! com
[Download RAW message or body]


Hi

To you have a time frame when the SAML 2 issuer will be completed?

cheers ,Håkon

2009/5/6 Nandana Mihindukulasooriya <nandana.cse@gmail.com>

> Yes, SAML token is processed by
> org.apache.ws.security.processor.SAMLTokenProcessor class in WSS4J. That
> needs to improved to check the signature and the other conditions. OpenSAML
> aleady have an API to do this, it won't be a very hard thing to do. It will
> be great if you can submit a patch to do that for WSS4J. I have done some
> work on SAML2 issuer in Rampart but those are still progress. I am planning
> to finish them as soon I get some free time.
>
> thanks,
> Nandana
>
> 2009/5/6 Håkon Sagehaug <Hakon.Sagehaug@bccs.uib.no>
>
> > Hi all,
> >
> > Is there some answers to this question? Do one have to create a own SAML
> > checker or something, that uses the SAMLAssertion#validate method? I
> would
> > really like to know. As far as I can see the only check that is done now
> is
> > to see if a SAMLAssertion object can be created. Is that correct?
> >
> > cheers, Håkon
> >
> > 2009/4/29 Håkon Sagehaug <Hakon.Sagehaug@bccs.uib.no>
> >
> > > Hi
> > >
> > > I was just wondering when using a sts service to issue a SAML token and
> > > this need to be checked at the end service, to see that it's sts that
> > have
> > > signed the message, what class is doing the checking is it the SAML
> > > processor in wss4j or some other class?
> > >
> > > Also is there some plan of adding/implementing/exchange the SAML1
> issuer
> > > with a SAML 2 issuer.
> > >
> > > cheers, Håkon
> > >
> > > --
> > > Håkon Sagehaug, Scientific Programmer
> > > Parallab, Bergen Center for Computational Science (BCCS)
> > > UNIFOB AS (University of Bergen Research Company)
> > >
> >
> >
> >
> > --
> > Håkon Sagehaug, Scientific Programmer
> > Parallab, Bergen Center for Computational Science (BCCS)
> > UNIFOB AS (University of Bergen Research Company)
> >
>
>
>
> --
> Nandana Mihindukulasooriya
> WSO2 inc.
>
> http://nandana83.blogspot.com/
> http://www.wso2.org
>



-- 
Håkon Sagehaug, Scientific Programmer
Parallab, Bergen Center for Computational Science (BCCS)
UNIFOB AS (University of Bergen Research Company)


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic