[jboss-dev-forums] [JBoss ESB Development] - Re: SAML Token Support
Kevin.Conner@jboss.com
do-not-reply at jboss.com
Tue Oct 20 07:48:21 EDT 2009
I am just coming to this late and for that I apologise.
"beve" wrote : The issuing of a SAML Assertion will be performed by an action in the ESB called JBossSTSAction.
Can someone please explain why it was decided to write an action to do this rather than use the LoginContext/LoginModule approach? Is there any technical reason why that would not work with SAML?
>From what I understand, the SAML token is just another credential and it seems to make more sense for this to be handled indirectly, through javax.security, rather than through direct integration. This would also make it easier when we come to enforce the java security manager integration as we are likely to prevent all actions from modifying this context.
Kev
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261239#4261239
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261239
More information about the jboss-dev-forums
mailing list