robertivey wrote:

> How would I go about securing a web service, such as SOAP with Access
> Manager. I would like to be able to secure web services that do not
> provide authentication mechanisms of their own, as well as provide SSO
> and Authorizations for web services from the identity provider if
> possible.

Hmm...good question. I don't think NAM is the right tool to do so.
You'll need something that can manipulate the incoming SOAP message
with authentication and authorization information for the backend
webservices to determine that the requesting party has been
authenticated. NAM can't do that unfortunately.