Marcin Rembisz

Greenhorn
+ Follow
since Feb 11, 2013
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Marcin Rembisz

Did you get that working in WebSphere?
11 years ago
The customer requirement is to introduce SAML 2.0 token to implement
single-sign-on (SSO) using WAS 8.0.0.3. The high level security model/login
process for SSO is the following:

1) User logs in to external customer system

2) External primary JAAS system allows user to access if authorization is successfully

3) WebSphere Application server passes SAML token with username encapsulated to secondary internal JAAS login module

4) Internal JAAS login Filter intercepts a call

5) Custom login module is called and need to extract username from SAML token

6) If the login is known the User is authenticated and access granted to internal system, otherwise access is
denied.

I am wondering if anybody can help with providing information how the
SAML token can be obtain in custom login module (point 5 above) using WAS API, and next
how it can be consumed to retrieve issuing username? Is there any WAS specific API available to obtain the SAML token?

I have inspected the code samples in section "Sample code of generating
SAMLToken from SAML XMLStructure or InputStream " provide on the
following page:

http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=%2Fcom.
ibm.websphere.javadoc.doc%2Fweb%2Fapidocs%2Fcom%2Fibm%2Fwebsphere%
2Fwssecurity%2Fwssapi%2Ftoken%2FSAMLTokenFactory.html

Unfortunately I was not able to find anything similar for token
consumer, could you point me to the right online resources if any, please?
11 years ago
The customer requirement is to introduce SAML 2.0 token to implement
single-sign-on (SSO) using WAS 8.0.0.3. The high level security model/login
process for SSO is the following:

1) User logs in to external customer system

2) External primary JAAS system allows user to access if authorization is successfully

3) WebSphere Application server passes SAML token with username encapsulated to secondary internal JAAS login module

4) Internal JAAS login Filter intercepts a call

5) Custom login module is called and need to extract username from SAML token

6) If the login is known the User is authenticated and access granted to internal system, otherwise access is
denied.

I am wondering if anybody can help with providing information how the
SAML token can be obtain in custom login module (point 5 above) using WAS API, and next
how it can be consumed to retrieve issuing username? Is there any WAS specific API available to obtain the SAML token?

I have inspected the code samples in section "Sample code of generating
SAMLToken from SAML XMLStructure or InputStream " provide on the
following page:

http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=%2Fcom.
ibm.websphere.javadoc.doc%2Fweb%2Fapidocs%2Fcom%2Fibm%2Fwebsphere%
2Fwssecurity%2Fwssapi%2Ftoken%2FSAMLTokenFactory.html

Unfortunately I was not able to find anything similar for token
consumer, could you point me to the right online resources if any, please?
11 years ago