• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Is SAML used by WS-Security?

 
Bartender
Posts: 2418
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In EPractice Lab, a question "Which of the following security technologies are used by WS-Security?"
A. SAML
B. XACML
C. XML Encryption
D. XML Canonicalization
E. XML Digital Signatures.

I believe the answer should be A, C, D, E.
But the given answer is C,D,E.
Why SAML is not used by WS-Security?
According to http://en.wikipedia.org/wiki/WS-Security about WS-Security:


The protocol...allows the communication of various security token format: SAML....




... open to various security token models: SAML Assertions, X 509 Certificate, Kerberos tickets ....

 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
WS-Security does not use any specific token itself ; those token types can be sent using WS-Security, though.
 
Himai Minh
Bartender
Posts: 2418
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I found a SAML assertion token from WS-Security SAML Token Profile 1.1
Does it mean WS-Security uses SAML ?


<S12:Envelope
xmlns:S12=
"...">
<S12:Header>
<wsse:Security
xmlns:wsse="..."
>
<saml:Assertion
xmlns:saml="
...
"
AssertionID="_a75adf55-01d7-40cc-929f-dbd8372ebdfc"
IssueInstant="2003-04-17T00:46:02Z"
Issuer=”
www.opensaml.org

MajorVersion="1"
MinorVersion="1">
<saml:AuthenticationStatement>
<saml:Subject>
<saml:NameIdentifier
NameQualifier="www.example.com"
Format=“urn:oasis:names:tc:SAML:1.1:nameid-
format:X509SubjectName”>
uid=joe,ou=people,ou=saml-demo,o=baltimore.com
</saml:NameIdentifier>
<saml:SubjectConfirmation>
<saml:ConfirmationMethod>
urn:oasis:names:tc:SAML:1.0:cm:bearer
</saml:ConfirmationMethod>
</saml:SubjectConfirmation>
</saml:Subject>
</saml:AuthenticationStatement>
</saml:Assertion>
</wsse:Security>
</S12:Header>
<S12:Body>
. . .
</S12:Body>
</S12:Envelop>

 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
WSS can make use of SAML tokens, but that's optional.
 
Those who dance are thought mad by those who hear not the music. This tiny ad plays the bagpipes:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic