New Article: Using WS-Trust Support in Metro to Secure Web Services

I just published a new tech tip:
Using WS-Trust Support in Metro to Secure Web Services

It focuses on how to use different types of proof keys associated with issued tokens from an STS to secure Web services.

Comments:

The link is broken

Posted by Yaron Naveh on October 15, 2008 at 09:16 PM PDT #

Yaron: Fixed. Thank you!

Posted by Jiandong Guo on October 15, 2008 at 09:58 PM PDT #

Hi Jiandong Guo.
I have read the article of you. Very interesting.
I have to write a diploma thesis in which I have to call web services out of a java application. What I need is the user name that calls the web service. I spent about 2 weeks in studying Sun Java System Access Manager for this but now I think it is to big for my thesis. My question is now: Is it possible to realize it with the mechanism you described in your article? I mean the user should login when he starts the application with username and password. Then he can call different web services but on the server I should know his username (identity based web services).

I hope you can give me just an advise if I can do this with the STS of Metro so that I don't loose more time in studying the mechanism.

Thanks.

Posted by Stefan Meichtry on October 21, 2008 at 07:35 PM PDT #

Yes, you can. Login to the STS using username password. And then using the SAML asaertion carrying the username
to access the different services.

Posted by Jiandong Guo on October 22, 2008 at 07:37 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Jiandong Guo

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today