• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Web Services Security using SAML v2.0 and XACML

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

We are building a series of web services as a part of Web Services Layer for a project. In this regard, if anyone can help me with the following scenario through the links to the defined tutorial or code snippets and steps that will be of great help:

Technology Stack proposed: Axis 2.0, Rampart, XACML, WebSphere 7.0

1. The Client will call a SOAP based web service over https. After the database authentication, the client will be issued a SAML v2.0 token with identity assestion and a role corresponding to the user. This token will be returned to the client.
2. The client will subsequently call the other web services. All this services will be bounded with a secure policy expecting the SAML token.
3. After the token authentication, the role should be checked at the individual service method level for the authentication. If the role does not match, the service should return an UnAuthorized exception to the user.

I am searching for a good example or tutorial but in vain.Kindly help me with the same.

Thanks and Regards,
 
reply
    Bookmark Topic Watch Topic
  • New Topic