Saturday Dec 08, 2007

Metro Security - Configuring Kerberos Token Profile and Accessing SAML Assertions

Mosaic of Cerberus - From Valencia, Spain

Two new posts explaining advanced uses of Web Services security in Metro. First Ashutosh explains how to Run a Kerberos Token Profile based WS Security scenario as it was used at the Latest Plugfest at Redmont. This builds on an earlier entry describing earlier entry on the same topic.

Then Kumar shows how to programmatically Access the SAML Assertion in a WSIT Secure Scenario.

Tuesday Jun 12, 2007

Spnego 1.0 Released

Spnego Project Logo

The Spnego Project provides a Kerberos-over-SPNEGO plugin for JSR 196-compliant application servers. These are security technologies which can support complex integration scenarios such as single-sign-on all the way from your operating system login to a remote web application.

Greg Luck recently announced that the project team has completed a 1.0 release. They're doing development and testing on GlassFish V2, but their code shouldn't contain anything GlassFish-specific (since they align to JSR 196). Once other app servers support this standard, they too will be able to use the Spnego plugin. For more info, see the project's User Guide and FAQ.