Note: This function is supported for legacy purposes. For new scripts, we recommend that you use web_service_set_security_saml_ex.

Example: web_service_set_security_saml and web_service_cancel_security_samlWeb Services Functions (SOAP, WEB_SERVICE, Silverlight)

Adds security tokens to subsequent soap and web service calls using SAML.

int web_service_set_security_saml( [const char * IssuerURL,] [const char * Username, const char * Password,] [const char * PasswordOptions,] [const char * CertStoreLocation,] [const char * CertStoreName,] [const char * CertSubjectName,][const char * PolicyFile,] LAST );
IssuerURL The STS end point URL.
Username The user name to send to the STS.
Password The STS password.
PasswordOptions A value that specifies how the password is sent in SOAP messages. Possible values are SendPlainText, SendNone, and SendHashed.
CertStoreLocation A value that specifies the location of the X.509 certificate store. Possible values are CurrentUser and LocalMachine.
CertStoreName The name of the certificate store. For an up-to-date list of possible values, see the Microsoft .NET Framework class library StoreName enumeration documentation .
CertSubjectName The certificate subject name.
PolicyFile The policy file that configures the security for the RST and WebService. The test script uses policies issuerPolicy and servicePolicy. If no policy file is specified, the default policy file in the DAT directory is used.
LAST A marker that indicates the end of the arguments list.

The web_service_set_security_saml function gets a token to be attached at each subsequent soap_request and web_service_call invocation using the Security Assertion Markup Language (SAML). The tokens remain in effect until the next web_service_set_security_saml or web_service_cancel_security_saml call.

The "IssuerUrl" argument is required. All other arguments are optional.

The certificate settings can be provided in the policy files instead of the script.

At each web_service_call, security tokens are processed before attachments.

Return Values

This function returns LR_PASS (0) on success, and LR_FAIL (1) on failure. Note that in many cases, this return value indicates the technical success of the function, and not the result. For example, a function that registers a string to be found in a subsequent step returns LR_PASS to indicate that the registration was successful. This does not indicate that the string was found in the server response.


All attribute values of web_service_set_security_saml can be parameterized except as noted in the descriptions of the attributes.