[jboss-dev-forums] [Design of JBoss Identity] - SAML Assertions
jkurtz.wa@gmail.com
do-not-reply at jboss.com
Mon Nov 3 20:13:40 EST 2008
Starting this to get some feedback on how SAML Assertions can be used with JBoss, especially JBossESB/Web Service Messaging. There are a number of applications for Web Based Identity Management, but there is nothing specific for an ESB.
The SAML Assertion itself should not change, and it appears like the Protocols (authentication flow) could all be used. There are SOAP bindings that could be adapted, but more research needs to be done just to understand how. Possibly, the message header could be treated like a SOAP header, but there is more work to be done.
A good place to get some background on SAML
http://en.wikipedia.org/wiki/SAML_2.0#SAMLBind
>From a high-level view, it looks like the components needed are:
1. Means to create/manage/validate the SAML Assertions
2. Which Protocols make the most sense and how to implement the best ones within JBoss ESB
3. Looking at the Bindings and determining how the SOAP ones fit into JBoss.
Any questions, feedback or comments are appreciated.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4186533#4186533
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4186533
More information about the jboss-dev-forums
mailing list