Google Groups Home
Help | Sign in
Mono Olive - developing 3.0, 3.5 and Silverlight
Home
+ new post
Pages
Files
About this group
Join this group
Message from discussion Olive WS-Trust STS
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
rowland  
View profile
  More options Jun 26 2007, 8:21 am
From: rowland <rowland.watk...@gmail.com>
Date: Tue, 26 Jun 2007 05:21:28 -0700
Local: Tues, Jun 26 2007 8:21 am
Subject: Re: Olive WS-Trust STS
Reply to author | Forward | Print | View thread | Show original | Report this message | Find messages by this author
Hi Atsushi,

> Actually there are some sample sets of clietn and server that
> uses WS-Security stuff (olive/samples/services/secure-messages dir).
> As far as I remember, sample 1 to 9 will work, and later won't.

Thanks for the pointer - I'll have a look at those first.

> However it is somewhat low-level samples that mostly do not create
> WSHttpBinding but creates couple of CustomBinding with my own
> SecurityBindingElements. So, if you want to use them, it will be
> harder than you'd do with .NET WCF.

Not to worry, we all have to start somewhere, even if it is low level.

> Besides, WS-Trust is not done. I remember that I've got stuck with
> wst:Authenticator (AUTH-HASH) miscalculation with either of
> SslSecurityTokenParameters and SspiSecurityTokenParameters. So,
> there is no secure WST requests/responses, which often does not
> make sense.

Hmm, this could be more challenging. My aim here is to have an Olive/
WCF client perform a WS-Trust issuance request (SAML) to a Java-based
STS. The requested SAML token would then be placed in the WS-Security
header of a new message (same client) to a target service, also Java-
based. All in the name of cross-platform, cross-framework
interoperability! I'll have to take another look at how WCF does all
this - my experience so far has been with WSE 3.0, but WCF is becoming
increasingly important.

> Having said that, WS-Security without Trust may work for you. But
> if you'd found issues, I don't think I have time to fix them.

WS-Security is a necessity, especially for interop. WS-Trust is a
bonus - as I've already mentioned, I only want a WS-Trust client - the
issuance and validation is done by an existing Java-based
infrastructure. I appreciate the information and pointers that you
have provided.

Cheers,

Rowland


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2008 Google