[jboss-dev-forums] [Design of Security on JBoss] - Re: Security Certificate
jabailo
do-not-reply at jboss.com
Fri Sep 5 12:18:38 EDT 2008
Turns out the scope of my applcation is going to be a lot smaller.
I only need to host a "partner" app that receives a SAML token and gives access to my secured application using POST response.
Questions:
1. Can I use any of the Test-sso source code for this? What classes would be of use to me?
2. Can I integrate the certificate at this level? Does the basic framework exist for me to write that?
3. I understand that SAML (I'm using 1.1) is a SOAP protocol, yet it's sent as an HTTP POST. Does that mean I have to use a web service to process it? Or are there simple classes for receiving the POST with SOAP in Tomcat that allow me to parse the SAML and make use of its attributes?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4174659#4174659
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4174659
More information about the jboss-dev-forums
mailing list