aspose file tools*
The moose likes Web Services and the fly likes SAML Assertions Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "SAML Assertions" Watch "SAML Assertions" New topic
Author

SAML Assertions

Maya Raman
Greenhorn

Joined: Mar 05, 2007
Posts: 10
I am really confused about where to place SAML assertions - should it go into the wsse Security Header, contained in the SOAP header? or Should it go into the SOAP body?

If it will be in the SOAP Header, what would the SOAP body contain? would it be empty? Also, can I still encrypt assertions in the header, so that they won't be in cleartext?

If it should be in the SOAP body, well, I don't how to put it there. I am using wss4j.

Can someone PLEASE guide me on this, thanks!
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39548
    
  27
Let's see if someone in the Web Services forum knows about this.


Ping & DNS - updated with new look and Ping home screen widget
Maya Raman
Greenhorn

Joined: Mar 05, 2007
Posts: 10
Just wanted to update that while most of my question about where to place it still remains, I did figure out how to encrypt them. Thanks!
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: SAML Assertions
 
Similar Threads
SAML/SSO weakness?
SchemaValidationFeature doesn't validate the contents of the SOAP header
Suggest an open source SAML token generator
Regarding SAML
adding arbitary xml to soap headers using SAAJ