mace-opensaml-users - RE: Re: Using opensaml to secure Web Services using Axis and EJBs
Subject: OpenSAML user discussion
List archive
- From: "Scott Cantor" <>
- To: <>, <>
- Subject: RE: Re: Using opensaml to secure Web Services using Axis and EJBs
- Date: Thu, 19 May 2005 11:03:45 -0400
- Organization: The Ohio State University
> Thanks for the info! But I actually don't want to use the
> WS-Security SAML Token Profile. I just want to use SAML for
> authentication and maybe authorization. Is opensaml still the
> right choice then?
If you're not using the WSS profile, then whatever you're doing is entirely
made up by you. If it involves SAML, you can certainly use OpenSAML to
assist you, but there's no guidance anywhere for what you want to do. Apart
from basic advice not to violate the core spec, you're pretty much on your
own.
For that matter, WSS by itself also provides no real guidance. It's like the
foundation of the house. You need it, but it's not enough.
Basically, web services security is in its infancy.
-- Scott
- Using opensaml to secure Web Services using Axis and EJBs, matthijs_van_der_loos, 05/19/2005
- Re: Using opensaml to secure Web Services using Axis and EJBs, Tom Scavo, 05/19/2005
- <Possible follow-up(s)>
- Re: Re: Using opensaml to secure Web Services using Axis and EJBs, matthijs_van_der_loos, 05/19/2005
- RE: Re: Using opensaml to secure Web Services using Axis and EJBs, Scott Cantor, 05/19/2005
Archive powered by MHonArc 2.6.16.