Hello there! I finally got the SAML over SSL example to work, so my question
is what to do next. How can I create my very own SAML assertion and how is it
actually verified? We have a custom realm that works with an LDAP and a
database in order to do the logins for the users.

Many thanks,
Chris

Your STS service that issues tokens to users could invoke LDAP, Kerberos, a Certificate Authority, certificate revocation lists, or another service over XKMS in order to verify the user in your/outer domain.
To communicate with LDAP, use the Java JNDI API, the OpenDS API or the Novell LDAP API.
In Metro you could create an STS service and a secured WSP.
In the STS use Mutual Certificates, and in the WSP use STS Issued Token as in configuration mechanisms.
Please use the symmetric crypto mechanisms in your first investigations.
For this scenario you should have proper certificates; I suggest using the ones provided with GF/Metro first.