Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Web Services Security using SAML v2.0 and XACML

 
Avijeet Ghosh
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

We are building a series of web services as a part of Web Services Layer for a project. In this regard, if anyone can help me with the following scenario through the links to the defined tutorial or code snippets and steps that will be of great help:

Technology Stack proposed: Axis 2.0, Rampart, XACML, WebSphere 7.0

1. The Client will call a SOAP based web service over https. After the database authentication, the client will be issued a SAML v2.0 token with identity assestion and a role corresponding to the user. This token will be returned to the client.
2. The client will subsequently call the other web services. All this services will be bounded with a secure policy expecting the SAML token.
3. After the token authentication, the role should be checked at the individual service method level for the authentication. If the role does not match, the service should return an UnAuthorized exception to the user.

I am searching for a good example or tutorial but in vain.Kindly help me with the same.

Thanks and Regards,
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic