[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Want to implement SAML with web services
On 5/24/07, Scott Cantor <cantor.2@osu.edu> wrote: > > I want to implement SAML with web services, can somebody tell me where I > > can get a related example or help. > > The most relevant spec is the WS-Security SAML profile. The rest depends on > the use cases, and I think Liberty ID-WSF is the most understandable way to > use WS-* with SAML and SOAP. Yes, Scott is correct, that is one very logical approach. I'm not sure how much of that stack is currently implemented, however. Another approach is to bind the SAML to an X.509 certificate and then apply the WS-Security X.509 profile. This has the advantage that the same certificate can be used at the transport level. Globus implements WS-Security X.509 Token Profile and WS-SecureConversation since Globus Toolkit 4.0. Client tools that bind SAML to X.509 have been available since last December. A prototype plugin for GT4.0 that extracts and parses SAML in X.509 is currently being tested. It is likely this plugin will be incorporated into GT4.2, due out this fall. Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]