I am trying to use Software AG provided SAML authentication policies for implementing WS-Security. Has anyone succesfully used these policies? I have basic questions regarding these policies for which I did not get any information from documentation.
- What are the requirements for the security token service (STS) used by these policies? I tried using CXF-STS and JBoss Picketlink STS, but did not have any success. Does SoftwareAG recommend any specific STS implementation?
- It seems the out of box policies are supported only by the provider descriptor. How do we implement SAML authentication on the consumer descriptor?
- Is there any sample/demo avaialable regarding these?