+

Search Tips   |   Advanced Search

 

XML token

 

XML tokens are offered in two formats, Security Assertion Markup Language (SAML) and Extensible rights Markup Language (XrML). XML-based security tokens are growing in popularity. Two well-known formats are:

Use extensibility of the <wsse:Security> header in XML-based security tokens, you can directly insert these security tokens into the header.

SAML assertions are attached to Web services security messages using Web services by placing assertion elements inside the <wsse:Security> header. The following example illustrates a Web services security message with a SAML assertion token.

<S:Envelope xmlns:S="...">&
      <wsse:Security xmlns:wsse="...">
          <saml:Assertion
                    MajorVersion="1" 
                    MinorVersion="0"
                    AssertionID="SecurityToken-ef375268"
                       Issuer="elliotw1" 
                       IssueInstant="2002-07-23T11:32:05.6228146-07:00"
                     xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
                     ...
           </saml:Assertion>
      </wsse:Security>
 </S:Header>
 <S:Body>
 ...
 </S:Body>
</S:Envelope>

For more information on SAML and XrML, see Web services: Resources for learning.

There is an important distinction between V5.x and V6.0.x and later applications. The information in this article supports V5.x applications only that are used with WebSphere Application Server V6.0.x and later. The information does not apply to V6.0.x and later applications.


 

Related concepts


User name token
Binary security token
Security token
Web services
Overview of token types

 

Related Reference


Web services: Resources for learning