Chapter 10. SAML Support

10.1. Security Assertion Markup Language (SAML)

Security Assertion Markup Language (SAML) is an XML-based OASIS standard for exchanging security data between an identity provider and a service or consumer.

10.3. SAML Token

A SAML token is designed to pass information about an end user between an identity provider and a web service.

10.4. SAML Support in BPEL

If the ESB service uses PicketLink to obtain a SAML token, this assertion can be passed to the invoked BPEL process by means of the requestSAMLPartName property:
<action name="action2" class="org.jboss.soa.esb.actions.bpel.BPELInvoke">
    <property name="service" value="{http://simple_invoke/helloworld}HelloHeaderWSService"/>
    <property name="operation" value="sayHi" />
    <property name="requestPartName" value="sayHello" />
    <property name="responsePartName" value="sayHelloResponse" />
    <property name="requestSAMLPartName" value="Security" />
</action>
The requestSAMLPartName property identifies the name of a message part. You must define this part as a WS-Security element:
<part name="Security" element="wsse:Security"
      xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
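
The following check is an added example, not part of the original documentation or the product. It confirms that the part named by requestSAMLPartName exists in the WSDL and that its element resolves to Security in the WS-Security namespace, not merely to the wsse prefix. The WSDL fragment, its message name and the tns prefix are constructed assumptions; saml_part_problems is a hypothetical helper name.

```python
import io
import xml.etree.ElementTree as ET

WSDL_NS = "http://schemas.xmlsoap.org/wsdl/"
WSSE_NS = ("http://docs.oasis-open.org/wss/2004/01/"
           "oasis-200401-wss-wssecurity-secext-1.0.xsd")

# The action from the text above.
ESB_ACTION = """<action name="action2" class="org.jboss.soa.esb.actions.bpel.BPELInvoke">
  <property name="service" value="{http://simple_invoke/helloworld}HelloHeaderWSService"/>
  <property name="operation" value="sayHi"/>
  <property name="requestPartName" value="sayHello"/>
  <property name="responsePartName" value="sayHelloResponse"/>
  <property name="requestSAMLPartName" value="Security"/>
</action>"""

# Constructed WSDL fragment; the message name and tns prefix are assumptions.
WSDL_OK = f"""<definitions xmlns="{WSDL_NS}" xmlns:tns="http://simple_invoke/helloworld">
  <message name="sayHiRequest">
    <part name="sayHello" element="tns:sayHello"/>
    <part name="Security" element="wsse:Security" xmlns:wsse="{WSSE_NS}"/>
  </message>
</definitions>"""


def saml_part_problems(action_xml, wsdl_xml):
    """Return a list of wiring problems; an empty list means the part is valid."""
    props = {p.get("name"): p.get("value")
             for p in ET.fromstring(action_xml).iter("property")}
    part_name = props.get("requestSAMLPartName")
    if not part_name:
        return ["action sets no requestSAMLPartName"]
    ns_stack, found = [], []  # ns_stack holds in-scope (prefix, uri) pairs
    events = ("start-ns", "end-ns", "start")
    for event, item in ET.iterparse(io.BytesIO(wsdl_xml.encode()), events):
        if event == "start-ns":
            ns_stack.append(item)
        elif event == "end-ns":
            ns_stack.pop()
        elif item.tag == f"{{{WSDL_NS}}}part" and item.get("name") == part_name:
            # Resolve the QName in @element against the prefixes in scope here.
            prefix, _, local = (item.get("element") or "").rpartition(":")
            uri = next((u for p, u in reversed(ns_stack) if p == prefix), None)
            found.append((uri, local))
    if not found:
        return [f"no WSDL part named {part_name!r}"]
    return [f"part {part_name!r} is {{{uri}}}{local}, not wsse:Security"
            for uri, local in found if (uri, local) != (WSSE_NS, "Security")]
```
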