[jboss-dev-forums] [JBoss ESB Development] - Re: SAML Token Support

Tuesday, 20 October 2009

I am just coming to this late and for that I apologise.

"beve" wrote : The issuing of a SAML Assertion will be performed by an action in
the ESB called JBossSTSAction.

Can someone please explain why it was decided to write an action to do this rather than
use the LoginContext/LoginModule approach?  Is there any technical reason why that would
not work with SAML?

...
From what I understand, the SAML token is just another credential and
it seems to make more sense for this to be handled indirectly, through javax.security,
rather than through direct integration.  This would also make it easier when we come to
enforce the java security manager integration as we are likely to prevent all actions from
modifying this context. 
Kev

View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261239#...

Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-dev-forums] [JBoss ESB Development] - Re: SAML Token Support