SAML token retrieval through Apache CXF & Spring WS - REST

I have a requirement to retrieve a SAML token from a WS request. How can I achieve this in Apache CXF and Spring WS?
If there are code samples or articles to refer to, I will be glad to learn from them.
Another question: how can I protect a REST service invocation? In SOAP WS, I will have a SAML token that contains the user principal. Pointers to these will really help me.
Thanks,
Sandeep

The best source for information along these lines is probably here:
http://cxf.apache.org/fediz.html

Related

SAML post example using Java

I'm in the process of consuming the SAML post request using Java.
Here I need to construct one SAML request and need to send the same to the SAML SSO server. I'm not sure how we can achieve it using Java, as I checked with httpPost client and related stuff, but I didn't get any success for the same.
Can anyone guide me on how I can consume a SAML based SSO request using Java?
Thanks,
Kuldeep
You would need to read the SAMLResponse from the Body of the Http Post Request like you'd read any other value sent in a form and then use appropriate libraries like XMLBeans to parse and read the value of XML.
The value comes as base64 encoded, so first you will decode it, then parse the XML, then verify the XML Signature (if required) and then use the values.
One example is given here: https://github.com/oaeproject/SAMLParser/blob/master/src/main/java/org/sakaiproject/SAMLParser/SAMLParser.java
I would recommend that you understand how SAML 2.0 works before implementing it. I found the Wikipedia article for that quite helpful: https://en.wikipedia.org/wiki/SAML_2.0
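
The steps in the answer above (decode, parse, verify the signature, then use the values), as an added Java example that is not part of the original thread or of the linked SAMLParser project. The class and method names are hypothetical, the sample response is constructed and unsigned, and the IdP public key is assumed to be configured out of band (a throwaway key stands in for it here).

```java
import java.io.ByteArrayInputStream;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.util.Base64;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SamlPostReader {   // hypothetical class, not from any library
    static final String SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Steps 1-2: base64-decode the SAMLResponse form value, then parse with DOCTYPE banned (no XXE).
    static Document decodeAndParse(String formValue) throws Exception {
        byte[] xml = Base64.getMimeDecoder().decode(formValue);   // MIME decoder tolerates line breaks
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);                              // required for signature validation
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return dbf.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
    }

    // Step 3: return the element covered by a valid signature made with the pinned IdP key, else null.
    static Element verifiedElement(Document doc, PublicKey idpKey) throws Exception {
        NodeList sigs = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        Node p = sigs.getLength() == 1 ? sigs.item(0).getParentNode() : null;
        if (!(p instanceof Element) || !((Element) p).hasAttribute("ID")) return null; // unsigned or ambiguous
        Element parent = (Element) p;
        DOMValidateContext ctx = new DOMValidateContext(idpKey, sigs.item(0)); // ignores any key inside the message
        ctx.setIdAttributeNS(parent, null, "ID");                 // lets the "#id" reference resolve
        XMLSignature sig = XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(ctx);
        Reference ref = (Reference) sig.getSignedInfo().getReferences().get(0);
        // The signature must cover the element it sits in; otherwise treat the message as unverified.
        return (("#" + parent.getAttribute("ID")).equals(ref.getURI()) && sig.validate(ctx)) ? parent : null;
    }

    // Step 4: read values only from inside the verified element, never from the whole document.
    static String nameId(Element verified) {
        NodeList ids = verified.getElementsByTagNameNS(SAML_NS, "NameID");
        return ids.getLength() == 1 ? ids.item(0).getTextContent() : null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed, unsigned sample: it decodes and parses, but must be rejected at step 3.
        String xml = "<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol' ID='_r1'>"
            + "<saml:Assertion xmlns:saml='" + SAML_NS + "' ID='_a1'><saml:Subject><saml:NameID>alice@example.org</saml:NameID></saml:Subject></saml:Assertion></samlp:Response>";
        Document doc = decodeAndParse(Base64.getEncoder().encodeToString(xml.getBytes("UTF-8")));
        Element ok = verifiedElement(doc, KeyPairGenerator.getInstance("RSA").generateKeyPair().getPublic());
        System.out.println(ok == null ? "rejected: no valid signature" : "NameID: " + nameId(ok));
    }
}
```

A complete service provider also checks the response's destination, audience and validity window before accepting the NameID.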

Details about WS-Security and implementations

I've read somewhere that the WS-Security specification (in JAX-WS) is concerned with three main areas of focus:
Security token validation (authentication)
Message integrity (signing)
Message confidentiality (encryption and decryption)
QUESTION:1
Number 1 can be implemented using WSS4J. I'm looking for ways to implement #2 and #3, or does WSS4J handle that too? If yes, how?
QUESTION:2
Can this be done in REST? Or anything similar to this?
Thanks,
Yes, WSS4J takes care of all of these things, in conjunction with a SOAP Stack such as Apache CXF. There is lots of content online about using WS-Security with CXF.
Yes it can all be done for REST too. Message integrity and confidentiality can be done using the JWS/JWE specs (implemented by CXF as well btw), authentication can be done via OpenID Connect, SAML SSO, Kerberos, HTTP/BA, etc etc.

wso2esb rest api implementation

Can anyone tell me the step by step procedure on how to implement a REST API in the wso2esb server?
I have written the code in PHP & MySQL to display student data in JSON format.
So when I visit the following URL in the browser, http://localhost/student/list_student, I will get the list of users in JSON format.
Now I want to get this JSON using wso2esb.
And also, do I need the WSO2 application server for the REST API implementation?
Please refer to the detailed WSO2 documentation on how to create a REST API using WSO2 ESB server at [1]. Please do post a separate question if you have any specific queries related to your implementation of the REST API. Thanks.
[1] https://docs.wso2.com/display/ESB490/Creating+APIs
Cheers,
Pubudu.
According to your question you already have a backend which returns students data. You may use article [1] to create a REST API and expose it through the WSO2 ESB. Just call the existing end point and expose data in REST format through WSO2 ESB.
[1] http://wso2.com/library/articles/2013/12/restful-integration-with-wso2-esb/

Cannot extract wso2 IdP SAML metadata

I'm trying to use wso2 as SAML2 IdP and I need to extract the IdP metadata.
Do you know how I can do it?
Posting the answer since somebody else will be looking for it.
WSO2 IS at the moment does not have the capability to auto generate the metadata file.
But you can use the metadata file here which is prepared following the standards.
Have you tried the url: https://localhost:9443/samlsso
This blog post seems to describe what you are trying to achieve: link

SAML — how to process a request?

I'm a newbie at SAML. My question is simple:
Upon a SAML request, what do IdPs usually do?
I guess they first parse the XML — and then? Can anybody describe the steps? I mean the common steps, that every IdP has to do at the very least.
The Wikipedia article on this actually contains a lot of the information you need:
http://en.wikipedia.org/wiki/SAML_2.0
Look at the example SAML 2.0 Auth Request and Response plus the list of steps involved. The simplest method is the "SP POST Request IdP POST Response", so start with that. It's not the only option for deploying SAML 2.0; there are others described there as well. Hope that helps.