ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzatz_5.4.0.1/51/webserv/wssecovtokxml.htm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">

<title>XML tokens</title>
</head>

<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>

<h6><a name="wssecovtokxml"></a>XML tokens</h6>

<p>XML-based security tokens are growing in popularity. The following formats are well-known examples:</p> 

<ul>
<li>Security Assertion Markup Language (SAML)</li>
<li>Extensible Rights Markup Language (XrML)</li>
</ul>

<p>The extensibility of the &lt;wsse:Security&gt; header in XML-based security tokens enables you to directly insert these security tokens into the header.</p>

<p>SAML assertions are attached to Web services security messages using Web services security by placing assertion elements inside the &lt;wsse:Security&gt; header. The following example illustrates a Web services security message with a SAML assertion token.</p>

<pre>&lt;S:Envelope xmlns:S=&quot;...&quot;&gt;
  &lt;S:Header&gt;
    &lt;wsse:Security xmlns:wsse=&quot;...&quot;&gt;
      &lt;saml:Assertion MajorVersion=&quot;1&quot; MinorVersion=&quot;0&quot; AssertionID=&quot;SecurityToken-ef375268&quot;
       Issuer=&quot;elliotw1&quot; IssueInstant=&quot;2002-07-23T11:32:05.6228146-07:00&quot;              
       xmlns:saml=&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;&gt;
        ...
      &lt;/saml:Assertion&gt;
        ...
    &lt;/wsse:Security&gt;
  &lt;/S:Header&gt;
  &lt;S:Body&gt;
    ...
  &lt;/S:Body&gt;
&lt;/S:Envelope&gt;</pre>

<p>For more information on SAML and XrML, see <a href="http://www-106.ibm.com/developerworks/library/ws-sectoken.html" target="_">WS-Security Profile for XML-based Tokens</a> <img src="www.gif" width="19" height="15" alt="Link outside Information Center"> (http://www-106.ibm.com/developerworks/library/ws-sectoken.html).</p>

</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">`
			`<html>`
			`<head>`
			`<META http-equiv="Content-Type" content="text/html; charset=utf-8">`
			`<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">`

			`<title>XML tokens</title>`
			`</head>`

			`<BODY>`
			`<!-- Java sync-link -->`
			`<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>`

			`<h6><a name="wssecovtokxml"></a>XML tokens</h6>`

			`<p>XML-based security tokens are growing in popularity. The following formats are well-known examples:</p>`

			`<ul>`
			`<li>Security Assertion Markup Language (SAML)</li>`
			`<li>Extensible Rights Markup Language (XrML)</li>`
			`</ul>`

			`<p>The extensibility of the <wsse:Security> header in XML-based security tokens enables you to directly insert these security tokens into the header.</p>`

			`<p>SAML assertions are attached to Web services security messages using Web services security by placing assertion elements inside the <wsse:Security> header. The following example illustrates a Web services security message with a SAML assertion token.</p>`

			`<pre><S:Envelope xmlns:S="...">`
			`<S:Header>`
			`<wsse:Security xmlns:wsse="...">`
			`<saml:Assertion MajorVersion="1" MinorVersion="0" AssertionID="SecurityToken-ef375268"`
			`Issuer="elliotw1" IssueInstant="2002-07-23T11:32:05.6228146-07:00"`
			`xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">`
			`...`
			`</saml:Assertion>`
			`...`
			`</wsse:Security>`
			`</S:Header>`
			`<S:Body>`
			`...`
			`</S:Body>`
			`</S:Envelope></pre>`

			`<p>For more information on SAML and XrML, see <a href="http://www-106.ibm.com/developerworks/library/ws-sectoken.html" target="_">WS-Security Profile for XML-based Tokens</a> <img src="www.gif" width="19" height="15" alt="Link outside Information Center"> (http://www-106.ibm.com/developerworks/library/ws-sectoken.html).</p>`

			`</body>`
			`</html>`