I want to implement an outbound gateway for WS-Trust that:
- intercepts all outbound SOAP messages
- sends an RST to an STS.
- includes the respond SAML token in the SOAP header of the message before invoking an external service.
I found WSO2 ESB which may act as such a gateway. I think I may implement a Java class (with Apache Axis) to do the underlying steps (1-3). Then I will let the ESB calls this Java class. Do you think it is possible? Any samples would be very helpful.
Do you have any suggestions alternative than WSO2 ESB?
Many thanks
To answer my own question, I use Apache Synapse as an ESB gateway to intercept outbound SOAP message. In particular, I use the Class Mediator of Synapse [1] to intercept the SOAP message. Upon receiving a SOAP message, the mediator uses a STSClient from Rampart [2] to send a RST to an STS service and includes the respond token in the SOAP Header. Rampart should work well in Synapse environment.
[1] http://synapse.apache.org/userguide/samples/sample380.html
[2] https://axis.apache.org/axis2/java/rampart/apidocs/org/apache/rahas/client/STSClient.html