Reputation: 509
Spring WS Security WSS4J with SAML from WSO2
Earlier I was in assumption that, WSS4J is not compatible with SAML, but as I see this http://jaminhitchcock.blogspot.in/2014/05/creating-and-validating-saml-assertions.html , I hope to give a try. But I want to use a Identity Provider(WSO2) to generate SAML token. So I should be able to configure WSS4J with a SecurityPolicy.xml file which verifies the token from Identity Provider. Please let me know where can I start looking for it?
Thanks
Upvotes: 1
Views: 1376
Answers (1)
Reputation: 5821
There are two ways that you can generates SAML tokens with Identity Server.
Use Identity Server as SAML2 SSO IDP that implements SAML2 SSO web browser based profile.
Use Identity Server as STS (Security Token Server) with WS-Trust specification.
I think, It is more likely that you are hoping to use Identity Server as STS. With STS, Identity Serve provides a web service to retrieve SAML tokens. This STS web service can be secured with WS-Security mechanism by default. As an example, you can secure STS service with user name token. Then client needs to send the RST request with user name token. Once user it authenticated, client would be received a SAML token. I think, you can find some information about STS service from here
Upvotes: 1
Related Questions
- Spring and WSO2 Identity Server
- LoggedInSessionBean reference
- WSO2 and Spring SAML single logout issue
- Spring SAML wso2
- Registering a SAML application (without SSO) with WSO2 Identity Server
- Spring SAML integration with WSO2 Identity server, SAML Message ID not reconised
- Error on implementing spring-saml-security with WSO2
- SAML2.0 SSO with the WSO2 Identity Server?
- WSO2 Identity Server 4 SAML metedata
- Anyone using Spring-ws with SAML authentication?