• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

SAML Assertions

 
Maya Raman
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am really confused about where to place SAML assertions - should it go into the wsse Security Header, contained in the SOAP header? or Should it go into the SOAP body?

If it will be in the SOAP Header, what would the SOAP body contain? would it be empty? Also, can I still encrypt assertions in the header, so that they won't be in cleartext?

If it should be in the SOAP body, well, I don't how to put it there. I am using wss4j.

Can someone PLEASE guide me on this, thanks!
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Let's see if someone in the Web Services forum knows about this.
 
Maya Raman
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just wanted to update that while most of my question about where to place it still remains, I did figure out how to encrypt them. Thanks!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic