December 2007 Archives
Accessing the SAML Assertion in the WebService
Posted by kumarjayanti on December 07, 2007 at 01:01 AM
A question that is often asked is: "I am using a WSIT secure
scenario containing a SAML Assertion. How do I access the SAML Assertion?"
Here is how you can access the SAML Assertion inside your web service
endpoint implementation class. Note the method getSAMLAssertion() in
particular.
package test;

import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
import com.sun.xml.wss.saml.util.SAMLUtil;
import java.util.Set;
import javax.annotation.Resource;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.security.auth.Subject;
import javax.xml.stream.XMLStreamException;
import org.w3c.dom.Node;
import javax.xml.stream.XMLStreamReader;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.ws.WebServiceContext;
import org.w3c.dom.Element;

@WebService()
public class NewWebService {

    // Injected by the JAX-WS runtime; gives access to the current request
    @Resource
    private WebServiceContext context;

    @WebMethod(operationName = "operation")
    public String operation(
            @WebParam(name = "parameter") String parameter) {
        System.out.println("Hello " + parameter);

        // Get the assertion from the context
        Element samlAssertion = getSAMLAssertion(context);

        // Dump the assertion to STDOUT (debugging aid only: the assertion
        // carries the caller's identity data)
        if (samlAssertion == null) {
            System.out.println("No SAML Assertion found for the requester");
        } else {
            try {
                dumpDomNode(samlAssertion);
            } catch (TransformerException ex) {
                System.out.println("Error Dumping SAML Assertion");
            }
        }
        return "Hello " + parameter;
    }

    // Returns the SAML Assertion of the requester as a DOM Element,
    // or null if the requester Subject does not carry one
    private static Element getSAMLAssertion(WebServiceContext context) {
        try {
            Subject subj = SubjectAccessor.getRequesterSubject(context);
            if (subj == null) {
                return null;
            }
            // The assertion is stored among the public credentials of the
            // Subject as an XMLStreamReader
            Set<Object> set = subj.getPublicCredentials();
            for (Object obj : set) {
                if (obj instanceof XMLStreamReader) {
                    XMLStreamReader reader = (XMLStreamReader) obj;
                    // To create a DOM Element representing the Assertion:
                    return SAMLUtil.createSAMLAssertion(reader);
                }
            }
        } catch (XMLStreamException ex) {
            // TODO: Add custom error handling logic
            throw new XWSSecurityRuntimeException(ex);
        } catch (XWSSecurityException ex) {
            // TODO: Add custom error handling logic
            throw new XWSSecurityRuntimeException(ex);
        }
        return null;
    }

    // Serializes a DOM node to STDOUT using an identity transform
    private static void dumpDomNode(Node node) throws TransformerException {
        System.out.println("==== DebugUtil.dumpDomNode(...) Start ====");
        DOMSource domSource = new DOMSource(node);
        TransformerFactory tf = TransformerFactory.newInstance();
        Transformer xform = tf.newTransformer();
        xform.transform(domSource, new StreamResult(System.out));
        System.out.println();
        System.out.println("==== DebugUtil.dumpDomNode(...) End ====");
    }
}
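Once the endpoint holds the assertion as a DOM Element, it usually needs a few fields from it (for an audit log line or an application-level check) rather than the whole XML dumped to STDOUT. The following is an added example, not code from the original post or from WSIT: a hypothetical SamlAssertionInspector helper that reads the issuer and checks the Conditions validity window. It assumes Java 8 or later, a namespace-aware DOM, and a fail-closed policy when NotOnOrAfter is missing or unparsable; the sample assertion in main() is constructed.

```java
import java.io.StringReader;
import java.time.Instant;
import java.time.format.DateTimeParseException;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;

// Added example: hypothetical helper, not part of WSIT or XWSS.
public final class SamlAssertionInspector {
    static final String SAML11_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
    static final String SAML20_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Issuer is an attribute of a SAML 1.x Assertion and a child element in SAML 2.0.
    public static String issuer(Element a) {
        if (SAML11_NS.equals(a.getNamespaceURI())) return a.getAttribute("Issuer");
        Element e = child(a, SAML20_NS, "Issuer");
        return e == null ? "" : e.getTextContent().trim();
    }
    // Assumed policy: reject when Conditions or NotOnOrAfter is missing or unparsable.
    public static boolean withinValidity(Element a, Instant now) {
        Element c = child(a, a.getNamespaceURI(), "Conditions");
        if (c == null || c.getAttribute("NotOnOrAfter").isEmpty()) return false;
        try {
            String nb = c.getAttribute("NotBefore");
            if (!nb.isEmpty() && now.isBefore(Instant.parse(nb))) return false;
            return now.isBefore(Instant.parse(c.getAttribute("NotOnOrAfter")));
        } catch (DateTimeParseException ex) { return false; } // needs the UTC "Z" form
    }
    // Direct children only, so an assertion nested under Advice is never matched.
    private static Element child(Element parent, String ns, String local) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            boolean match = n instanceof Element && local.equals(n.getLocalName());
            if (match && ns != null && ns.equals(n.getNamespaceURI())) return (Element) n;
        }
        return null;
    }
    public static void main(String[] args) throws Exception {
        // Constructed, unsigned sample assertion for illustration.
        String xml = "<saml:Assertion xmlns:saml='" + SAML20_NS + "' ID='_a1' Version='2.0'"
            + " IssueInstant='2007-12-07T01:00:00Z'><saml:Issuer>https://idp.example.test</saml:Issuer>"
            + "<saml:Conditions NotBefore='2007-12-07T01:00:00Z' NotOnOrAfter='2007-12-07T01:05:00Z'/></saml:Assertion>";
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // getLocalName() is null on a non-namespace-aware DOM
        Element a = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)))
            .getDocumentElement();
        System.out.println(issuer(a) + " " + withinValidity(a, Instant.parse("2007-12-07T01:01:00Z"))
            + " " + withinValidity(a, Instant.parse("2007-12-07T01:06:00Z")));
    }
}
```

In the endpoint above, the Element returned by getSAMLAssertion(context) would be passed to issuer(...) and withinValidity(..., Instant.now()).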
Securing Metro WebServices Using Kerberos Tokens
Posted by kumarjayanti on December 06, 2007 at 08:12 AM
My colleague Ashutosh has posted a nice blog on how to secure Metro
WebServices using Kerberos Tokens.
http://blogs.sun.com/ashutosh/entry/running_kerberos_token_profile_scenario
Support for the Kerberos Token Profile will be available in the Metro
1.1 release (to be out soon). If you want to try it right away,
you can do so by downloading the latest nightly here.
The Metro Kerberos implementation was tested for interoperability
with the .NET implementation last
month.