This week's book giveaway is in the Cloud/Virtualization forum. We're giving away four copies of Mastering Corda: Blockchain for Java Developers and have Jamiel Sheikh on-line! See this thread for details.
Please check this link out. This tutorial illustrates how you can enable SAML-based authentication between a web service client and a web service provider using the bundled Access Manager along with the integrated support for the WS-Security standard in Application Server's web services client and server-side containers.
Which Web Services stack are you using? Depending of the stack the configuration of WS-Security can vary, the integration of SAML too.
I am working for Oracle so I will talk about our stack but you can, as you have seen with the previous post, do the same with Netbeans.
So within OracleAS Web Service stack we have build it WS-Security, with SAML, in a declarative way; this is build in the stack. And you can do that from the administrative console, or the development tools (Oracle JDeveloper)
But one of the challenges is when you have define your security, how can you ensure that the same policy, in your case with SAML, is applied to all the services you need to (even if they are from different stacks) and how you can integrate that to your global identity management solutions are also some question you should ask and put in your project analysis when you talk about Web Services Security. The solution that we have within Oracle is part of our Fusion Middleware: Oracle Web Services Manager (OWSM)