[jboss-dev-forums] [JBoss ESB Development] - Re: SAML Token Support
beve
do-not-reply at jboss.com
Thu Sep 24 03:32:09 EDT 2009
Adding a SAML Assertion to outgoing SOAP Messages
=================================================
In what situations should the Assertion be added to the outbound SOAP Security Header:
1. SOAP Processor
SOAPProcessor expects the Body of the ESB Message to be a SOAPMessage. We could use an action that updates/adds a Security Header to the SOAP Message.
This can be done by adding the following action:
<action name="addSamlSecurityHeader" class="org.jboss.soa.esb.smooks.SmooksAction">
| <property name="smooksConfig" value="/smooks/smooks-saml-injector.xml" />
| </action>
2. SOAPClient (soapUI)
This action uses soapui for its processing. SOAPUI creates the actual SOAP Message and returns it as a String. But this action also supports
a smooks tranformation. We can use the same Smooks confuration as shown above. So this could be used for the configuration of SOAPClient like this:
<property name="smooksTransform" value="/smooks/smooks-saml-injector.xml" />
3. SOAPClient (WISE)
Since WISE uses JAXWS then we should be able to use a protocol handler for SOAP to add the header.
WISE supports both specifying a 'smooksTransform', like the SOAPUI SOAPClient, and also custom handlers. One such handler can be found in
org.jboss.soa.esb.actions.soap.SOAPSamlHandler.
4. SOAPProxy
HTTPProxy also expects the Body of the ESB Message to be a SOAPMessage. Here too the same Smooks configuration can be used.
Anything you can think of that I've missed?
Thanks,
/Daniel
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4256787#4256787
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4256787
More information about the jboss-dev-forums
mailing list