[jboss-user] [Security & JAAS/JBoss] - Re: How is JBoss SSO SAML token been validated?
do-not-reply at jboss.com
Thu Jul 10 23:20:52 EDT 2008
Thank you for the detailed explanation.
There is one thing that is still not clear to me: when validating a token, how does it know which partner issued the token? There is a "issuer" element in the SAML xml (in my demo, the token shows Issuer="ssodemo:site1"). But this issuer value is what I specified in the context.xml file:
| <Valve className="org.jboss.security.valve.SSOTokenManager" assertingParty="ssodemo:site1" />
And this value would not be visible to the federate server...
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4163745#4163745
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4163745
More information about the jboss-user