Chapter 10. SAML Support
10.1. Security Assertion Markup Language (SAML)
Security Assertion Markup Language (SAML) is an XML-based OASIS standard method for exchanging security data between an identity provider and a service or consumer.
10.2. PicketLink
PicketLink is an umbrella project covering a number of security and identity management sub-projects.
10.3. SAML Token
A SAML token is designed to pass information about an end user between an identity provider and a web service.
10.4. SAML Support in BPEL
If the ESB service uses PicketLink to obtain a SAML token, this assertion can be passed to the invoked BPEL process by means of the requestSAMLPartName property:
<action name="action2" class="org.jboss.soa.esb.actions.bpel.BPELInvoke">
    <property name="service" value="{http://simple_invoke/helloworld}HelloHeaderWSService"/>
    <property name="operation" value="sayHi" />
    <property name="requestPartName" value="sayHello" />
    <property name="responsePartName" value="sayHelloResponse" />
    <property name="requestSAMLPartName" value="Security" />
</action>
The requestSAMLPartName identifies the name of a message part. You must define this part as a WS-Security element:
<part name="Security" element="wsse:Security" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
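A configuration check for the requirement above, as an added example that is not part of the Red Hat documentation or the product: it confirms that the part named by requestSAMLPartName exists in the WSDL message and that its element resolves to Security in the WS-Security secext namespace, not just to a prefix that happens to be spelled wsse. The WSDL message name and the helper names resolve_prefix and check_saml_part are hypothetical, and both XML samples are constructed.

```python
from xml.dom import minidom

WSSE_NS = ("http://docs.oasis-open.org/wss/2004/01/"
           "oasis-200401-wss-wssecurity-secext-1.0.xsd")

# Constructed samples: the action mirrors the one above; the message name is hypothetical.
ACTION_XML = """<action name="action2" class="org.jboss.soa.esb.actions.bpel.BPELInvoke">
  <property name="service" value="{http://simple_invoke/helloworld}HelloHeaderWSService"/>
  <property name="operation" value="sayHi"/>
  <property name="requestPartName" value="sayHello"/>
  <property name="responsePartName" value="sayHelloResponse"/>
  <property name="requestSAMLPartName" value="Security"/>
</action>"""

MESSAGE_XML = """<message name="sayHiRequest" xmlns:tns="http://simple_invoke/helloworld">
  <part name="sayHello" element="tns:sayHello"/>
  <part name="Security" element="wsse:Security" xmlns:wsse="%s"/>
</message>""" % WSSE_NS

def resolve_prefix(node, prefix):
    """Walk up from node to find the namespace URI bound to prefix, or None."""
    while node is not None and node.nodeType == node.ELEMENT_NODE:
        if node.hasAttribute("xmlns:" + prefix):
            return node.getAttribute("xmlns:" + prefix)
        node = node.parentNode
    return None

def check_saml_part(action_xml, message_xml):
    """Return (ok, reason); anything other than a resolved wsse:Security part fails."""
    action = minidom.parseString(action_xml).documentElement
    props = {p.getAttribute("name"): p.getAttribute("value")
             for p in action.getElementsByTagNameNS("*", "property")}
    part_name = props.get("requestSAMLPartName")
    if not part_name:
        return False, "requestSAMLPartName not set"
    message = minidom.parseString(message_xml).documentElement
    for part in message.getElementsByTagNameNS("*", "part"):
        if part.getAttribute("name") != part_name:
            continue
        # Resolve the QName prefix to its URI instead of trusting the prefix text.
        prefix, _, local = part.getAttribute("element").rpartition(":")
        uri = resolve_prefix(part, prefix) if prefix else None
        if local == "Security" and uri == WSSE_NS:
            return True, "ok"
        return False, "part %r is not a wsse:Security element" % part_name
    return False, "no message part named %r" % part_name
```

Run against the real ESB action and WSDL message definitions before deployment; a failure means the SAML assertion has no correctly typed part to travel in.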