Wednesday, December 23, 2009

Testing SAML polices

There are many testing tools (including one bundled with Oracle Fusion Middleware Control) that allow creating WS-Security username token and inserts it into the request message. But, if the service accepts a SAML token, then such tools don't come in handy. One has to develop a client application and apply SAML client policy to add SAML token to the message.

But, there's one free tool that can come in handy for such situations. It's Vordel SOAPbox.
Checkout this blog entry from Mark O' Neill for details, and give the tool a try.