/ Java Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

RESTful SAML?

DZone's Guide to

RESTful SAML?

by
Francois Lascelles
·
Jan. 15, 13 · Java Zone
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Just released, a free O’Reilly book on Reactive Microsystems: The Evolution of Microservices at Scale. Brought to you in partnership with Lightbend.

Existing brokered authentication standards such as SAML Web Browser SSO or OpenID accommodate RESTful web services for browser driven use cases. However, what about RESTful service composition patterns where identities need to be propagated across nested service invocations, or any RESTful Web service client that is not browser based for that matter? How should brokered authentication for such RESTful service calls be handled?

An interesting example of a RESTful Security Token Service (STS) was described in March 2009 by Pablo Cibraro (aka ‘cibrax’). In this post, cibrax offers a mapping between WS-Trust actions and HTTP VERBs as well as a .net implementation sample. In this case, Request Security Token (RST) and Request Security Token Responses (RSTR) are passed as payloads without SOAP envelopes. My favorite part of cibrax’s example is that once the token has been received by the RESTful client, cibrax chooses the standard ‘Authorization’ HTTP header as a vehicle for the token when consuming the RESTful Web service – arguably more RESTful than an ugly form parameter.

This illustrates that not only token services and identity providers must adapt to enable SAML for RESTful Web services. Service providers and brokers must also accommodate the support of such patterns and the standardization of a binding would further the adoption of SAML for RESTful Web services.

Strategies and techniques for building scalable and resilient microservices to refactor a monolithic application step-by-step, a free O'Reilly book. Brought to you in partnership with Lightbend.

Like This Article? Read More From DZone

VirtualBox CentOS Second Network Dynamic Host
Stack vs. Heap: Understanding Java Memory Allocation
Eclipse IoT in London

Free DZone Refcard

Getting Started With Vaadin Framework 8
DOWNLOAD
Topics:

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of Francois Lascelles, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Java Partner Resources

Easily Build Continuous Delivery Pipelines with Jenkins and Pipeline Plugin
Play Framework: The JVM Architect's Path to Super-Fast Web Apps
Combine the Innovations of NoSQL with the Critical Capabilities of Relational Databases
Headless CMS and Your Business Team
Develop and Deploy Microservices with JHipster
Jenkins, Docker and DevOps: The Innovation Catalysts
Making Sense of the Container Ecosystem: Kubernetes Comparison eBook
Microservices for Java Developers: A Hands-On Introduction to Frameworks & Containers
Modern Java EE Design Patterns: Building Scalable Architecture for Sustainable Enterprise Development
We have the data behind great user experiences. Now you can too. Read the infographic.
Kubernetes Deployment Models: The Ultimate Guide
CA App Experience Analytics, a whole new level of visibility. Learn more.

Java Partner Resources

Easily Build Continuous Delivery Pipelines with Jenkins and Pipeline Plugin
Play Framework: The JVM Architect's Path to Super-Fast Web Apps
Combine the Innovations of NoSQL with the Critical Capabilities of Relational Databases
Headless CMS and Your Business Team
THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone