Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Web Services and the fly likes SAML Assertions Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Java » Web Services
Reply Bookmark "SAML Assertions" Watch "SAML Assertions" New topic
Author

SAML Assertions

Maya Raman
Greenhorn

Joined: Mar 05, 2007
Posts: 10
posted private message
0
Quote
I am really confused about where to place SAML assertions - should it go into the wsse Security Header, contained in the SOAP header? or Should it go into the SOAP body?

If it will be in the SOAP Header, what would the SOAP body contain? would it be empty? Also, can I still encrypt assertions in the header, so that they won't be in cleartext?

If it should be in the SOAP body, well, I don't how to put it there. I am using wss4j.

Can someone PLEASE guide me on this, thanks!
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 35237
    
    7
posted
0
Quote
Let's see if someone in the Web Services forum knows about this.

Android appsImageJ pluginsJava web charts
Maya Raman
Greenhorn

Joined: Mar 05, 2007
Posts: 10
posted private message
0
Quote
Just wanted to update that while most of my question about where to place it still remains, I did figure out how to encrypt them. Thanks!
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: SAML Assertions
 
Similar Threads
SchemaValidationFeature doesn't validate the contents of the SOAP header
SAML/SSO weakness?
adding arbitary xml to soap headers using SAAJ
Suggest an open source SAML token generator
Regarding SAML