aspose file tools*
The moose likes Web Services and the fly likes Web Services Security using SAML v2.0 and XACML Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Web Services Security using SAML v2.0 and XACML" Watch "Web Services Security using SAML v2.0 and XACML" New topic
Author

Web Services Security using SAML v2.0 and XACML

Avijeet Ghosh
Greenhorn

Joined: May 27, 2011
Posts: 1
Hello,

We are building a series of web services as a part of Web Services Layer for a project. In this regard, if anyone can help me with the following scenario through the links to the defined tutorial or code snippets and steps that will be of great help:

Technology Stack proposed: Axis 2.0, Rampart, XACML, WebSphere 7.0

1. The Client will call a SOAP based web service over https. After the database authentication, the client will be issued a SAML v2.0 token with identity assestion and a role corresponding to the user. This token will be returned to the client.
2. The client will subsequently call the other web services. All this services will be bounded with a secure policy expecting the SAML token.
3. After the token authentication, the role should be checked at the individual service method level for the authentication. If the role does not match, the service should return an UnAuthorized exception to the user.

I am searching for a good example or tutorial but in vain.Kindly help me with the same.

Thanks and Regards,
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Web Services Security using SAML v2.0 and XACML