Example: web_service_set_security_saml_ex and web_service_cancel_security_saml_ex Web Services Functions (SOAP, WEB_SERVICE, Silverlight)

Adds security tokens to subsequent soap and web service calls using SAML. The web_service_set_security_saml_ex function works with the WCF/.NET toolkit.

int web_service_set_security_saml( [const char * IssuerURL,] [const char * Username, const char * Password,] [const char * TokenType,] [const char * KeyType,] [const char * AudienceUris,] LAST );
IssuerUrl The STS end point URL.
Username The user name to send to the STS.
Password The STS password.
TokenType The SAML version to use for the security token. Possible values are SAML1.1 and SAML2.0.
KeyType The SAML key type to use. Possible values are Asymmetric, Bearer, and Symmetric.
AudienceUris The audience URIs which are agreed upon by client and STS. Separate URIs using commas.
LAST A marker that indicates the end of the arguments list.

The web_service_set_security_saml_ex function gets a token to be attached at each subsequent soap_request and web_service_call invocation using the Security Assertion Markup Language (SAML). The tokens remain in effect until the next web_service_set_security_saml_ex or web_service_cancel_security_saml_ex call.

The IssuerUrl argument is required. All other arguments are optional.

At each web_service_call, security tokens are processed before attachments.

Note: The web_service_set_security_saml_ex function can be used only when the toolkit assigned to the Web Services script is WCF/.NET Framework. We recommend that you use this function (rather than web_service_cancel_security_saml), even when using SAML 1.1 security tokens.

Return Values

This function returns LR_PASS (0) on success, and LR_FAIL (1) on failure. Note that in many cases, this return value indicates the technical success of the function, and not the result. For example, a function that registers a string to be found in a subsequent step returns LR_PASS to indicate that the registration was successful. This does not indicate that the string was found in the server response.


All attribute values of web_service_set_security_saml_ex can be parameterized except as noted in the descriptions of the attributes.