How is a SAML token used by OWSM for identity propagation?
As each web service in a chain is invoked, OWSM generates a SAML token and inserts it in the WS-Security header of the request message.
A SAML token is generated on invocation of the first web service in a chain and is stored in the Java Authentication and Authorization (JAAS) Subject so it can be used throughout the transaction by subsequent web services.
A SAML token is used to determine the destination address of the next web service in the chain.
The SAML token, embedded in the X.509 certificate or Kerberos ticket, is extracted by OWSM and delivered to the next web service in the chain.
Want to practice for 1Z0-478 - Oracle SOA Suite 11g Essentials Exam ?