In Part 1 of this article, I discussed using a Java application as a Web service client and a creative way to secure that client using JAAS and SAML. Part 2 is a consequence of the same application, but I examine how to attach a SAML token to a SOAP message from within a Java application to invoke a Web service that is secured using WS-Security SAML policy file. Here I focus on the mechanism needed to invoke a secure Web service.
Read the complete article by Frank Teti at Dr. Dobb's Journal.