Win a copy of Practical SVG this week in the HTML/CSS/JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

SAML in Web Services

 
Tim Bels
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello all!

I should use SAML security in my Web Service projects.
Can anyone suggest where to start, what products are available (Axis? WebSphere?) and where to find sample project how it's done?

I would be very thankfull.

Cheers,

TB
 
Watsh Rajneesh
Ranch Hand
Posts: 110
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please check this link out.
This tutorial illustrates how you can enable SAML-based authentication between a web service client and a web service provider using the bundled Access Manager along with the integrated support for the WS-Security standard in Application Server's web services client and server-side containers.
 
Sumit Amar
Ranch Hand
Posts: 180
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'd suggest reading a little bit on Wiki (http://en.wikipedia.org/wiki/SAML) first to learn the fundamentals and then hitting on a code implementation site
 
Tugdual Grall
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Tim,

Which Web Services stack are you using?
Depending of the stack the configuration of WS-Security can vary, the integration of SAML too.

I am working for Oracle so I will talk about our stack but you can, as you have seen with the previous post, do the same with Netbeans.

So within OracleAS Web Service stack we have build it WS-Security, with SAML, in a declarative way; this is build in the stack. And you can do that from the administrative console, or the development tools (Oracle JDeveloper)

But one of the challenges is when you have define your security, how can you ensure that the same policy, in your case with SAML, is applied to all the services you need to (even if they are from different stacks) and how you can integrate that to your global identity management solutions are also some question you should ask and put in your project analysis when you talk about Web Services Security. The solution that we have within Oracle is part of our Fusion Middleware: Oracle Web Services Manager (OWSM)

Regards
Tugdual Grall
 
Tim Bels
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm using UISecures UILogin.
BUT if there are any genaral libraries that implements SAML 2.0 I also
interested about them,

Cheers!
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!