[jboss-dev-forums] [JBoss ESB Development] - Re: SAML Token Support
Kevin.Conner@jboss.com
do-not-reply at jboss.com
Tue Oct 20 11:00:51 EDT 2009
"anil.saldhana at jboss.com" wrote : I think that strategy is correct.
Sorry, but I disagree :)
"anil.saldhana at jboss.com" wrote : Validation has to happen through pluggable login modules. Toward this, the STS login module seems appropriate.
agreed.
"anil.saldhana at jboss.com" wrote : When the ESB layer has to generate SAML tokens, it needs to contact the STS. Hence it needs some integration logic (satisfied by the STS Action).
But it shouldn't be, if I understand things correctly. It should still be handled through the JAAS layer.
"anil.saldhana at jboss.com" wrote : I am assuming that the token generation happens before the ESB layer is called. Once an entity gets hold of the token, the ESB call is made with the token. Now on the ESB side, the login module is fielded to validate.
This action is within the ESB itself, directly linked to the SAML implementation. I want us to leverage the normal JAAS mechanisms.
Kev
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261289#4261289
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261289
More information about the jboss-dev-forums
mailing list