I have a pair of web applications written in Java 1.6.X using Wicket-1.5.x There is another organization where I work that maintains a public login portal for my web applications to integrate with that supplies user Identities via ADFS/SAML tokens.
They actually provide a sample application for me to look at but its written in ASP.net. The part of the application that does the checking of identities is using the Windows Identity Foundation classes and therefore is a non-starter. Doing a web search on Converting ASP.net code to Java code I found Grasshopper but I have VS 2010 and it "requires" 2008 and wont install.
I've created a simple test page that displays all the cookies it can find and while I'm getting: JSESSIONID, utma, utmz, utmb, utmc, none of my received cookies looks like a SAML token.
I've tried running the hosted version of the other organizations sample. and the Sample.domain.com cookies don't even exist until AFTER there sample applications secure page loads. So how do I get the identity information if the cookies are not CREATED until after my page is loaded?
is this where WS-Federation comes in?
