[jboss-dev-forums] [Design of JBoss Identity] - Re: WS-Trust Integration in JBoss Identity
sguilhen@redhat.com
do-not-reply at jboss.com
Tue May 5 13:16:09 EDT 2009
Alessio,
anonymous wrote : I've done some basic research regarding CXF. First of all, let me clarify there's currently nothing implemented in Native stack regarding ws-trust, so the only way I see users using ws-trust is they call the STS you're implementing as they would do with any other service endpoint. Then they manually create the messages for the service provider, etc.
| I think that's basically the Option A you wrote before, isn't it?
Yes, that's it. We currently have no ws-trust integration code for the STS service, so clients must call the STS just like they would need to do with any other service endpoint.
Of course, this doesn't prevent us from implementing profiles for the STS (SAML, Kerberos, X.509, etc), but we want to have this integrated with JBoss WS at some point. I don't know how much work would be involved in implementing ws-trust (IssuedToken policy assertions) support for the native stack, so we could probably start with the JBossWS-CXF stack, even though it lacks server-side support for token validation.
What about JBossWS-Metro? Does it have support for ws-trust as of now?
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4228726#4228726
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4228726
More information about the jboss-dev-forums
mailing list