
OpenSSO SSOToken to SAML assertion and back

Developer https://www.devze.com 2023-01-07 16:13 Source: Internet

I'm considering securing a whole Java EE software platform with OpenAM (prev. Sun OpenSSO). Applications - running on WebLogic AS - would be secured by a JEE Policy Agent and web services with WS-Security SAML Token Profile.

As far as I understand, the SSOTokenManager enables application code to retrieve OpenAM's SSO token. But in order to invoke the SAML protected Web Services, I need to obtain a SAML Assertion from OpenAM. Can anybody tell me how to do so?

Also, in the Web Service code, I may need to get back a SSO Token from a SAML assertion. Is that possible?


You should be able to achieve both conversions using OpenSSO's Security Token Service. There is a tutorial for configuring it.


The SSOToken is an internal OpenAM representation of a user's session, whilst a SAML token is an asserted identity with associated information. As such, these are not directly translatable in the way you describe.

In order to obtain a SAML token for use in your web service call, you should look at the STS functionality in OpenAM. This is a standardised service that will authenticate users and then make an assertion about the identity and authentication of the user, represented by a SAML token. This token is then returned to the calling entity (the web service client) who can include this token as per the relevant WS-* standards.

You may also want to look at the OpenAM wss provider or the Metro/WSIT library to assist implementation on the client side.
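
The exchange described in the answers above, as an added example (not part of the original posts and not OpenAM's own code): a generic WS-Trust 1.3 Issue request asking an STS for a SAML 2.0 token, and the SOAP envelope that carries the returned assertion in its WS-Security header. The class name, service URL and placeholder assertion are assumptions; OpenAM's STS endpoint and how the caller authenticates to it are not shown.

```java
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.w3c.dom.ls.DOMImplementationLS;
public class StsSamlExample {
    static final String WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
    static final String WSP = "http://schemas.xmlsoap.org/ws/2004/09/policy";
    static final String WSA = "http://www.w3.org/2005/08/addressing";
    static final String SOAP = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String SAML = "urn:oasis:names:tc:SAML:2.0:assertion";
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String SAML2_TOKEN = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
    static Document newDoc() throws Exception {
        return DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
    }
    // Append a namespaced child element (optionally with text) and return it.
    static Element add(Node parent, String ns, String qname, String text) {
        Document d = parent instanceof Document ? (Document) parent : parent.getOwnerDocument();
        Element e = d.createElementNS(ns, qname);
        if (text != null) e.setTextContent(text);
        return (Element) parent.appendChild(e);
    }
    // WS-Trust 1.3 Issue request: ask the STS for a SAML 2.0 assertion scoped to one service.
    static Document buildRst(String serviceUrl) throws Exception {
        Document d = newDoc();
        Element rst = add(d, WST, "wst:RequestSecurityToken", null);
        add(rst, WST, "wst:RequestType", WST + "/Issue");
        add(rst, WST, "wst:TokenType", SAML2_TOKEN);
        Element epr = add(add(rst, WSP, "wsp:AppliesTo", null), WSA, "wsa:EndpointReference", null);
        add(epr, WSA, "wsa:Address", serviceUrl);
        return d;
    }
    // Client side: carry the assertion returned by the STS in the wsse:Security SOAP header.
    static Document wrap(Element assertion) throws Exception {
        Document d = newDoc();
        Element env = add(d, SOAP, "soap:Envelope", null);
        Element sec = add(add(env, SOAP, "soap:Header", null), WSSE, "wsse:Security", null);
        sec.appendChild(d.importNode(assertion, true));
        add(env, SOAP, "soap:Body", null);
        return d;
    }
    static String xml(Document d) {
        return ((DOMImplementationLS) d.getImplementation()).createLSSerializer().writeToString(d);
    }
    public static void main(String[] args) throws Exception {
        System.out.println(xml(buildRst("https://service.example.com/ws"))); // hypothetical URL
        // Constructed placeholder; a real assertion is signed by the STS and must not be altered.
        Element a = add(newDoc(), SAML, "saml:Assertion", null);
        a.setAttribute("ID", "_constructed-placeholder");
        System.out.println(xml(wrap(a)));
    }
}
```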
