I tried using the whole saml assertion xml section (everything inside the
root element) encoded as alf_ticket param value. Didn't help (still get authentication dialogs with webscripts).
Found out content services supports a "ticket" http header with the saml assertion xml instead of a "alf_ticket" url param
Still can't seem to use this ticket header from flex/flash.
Other than an initial auth prompt on first use of upload/download/view due to this, FlexSpaces+Browser and FlexSpaces+AIR RIA clients for Alfresco now support LiveCycle Content Services ES
The topic is still unanswered after 7 months
Still haven't haven't found how to use the saml ticket header (no one answered this topic other than myself)
Did figure out that the /contentspace/wcservice webscript url can be used instead /contentspace/service when you have already logged in with contentspace. With this you don't need to use a header (basic authentication, etc.) and cookies will be used to authenticate.
This doesn't help a stand-alone use case.
And headers aren't supported well in Flex. To use with HTTPService you have to use the flex proxy. And some APIs in Flex don't even allow you to add headers: Flex APi to view files navigateToURL(), to upload files FileReference.upload()
With the URL arg ticket regular alfresco, these apis work fine
Content Services should add back in the URL arg that Alfresco had alf_ticket (say renamed to adobe_ticket or ticket_that_works_with_flex_unlike_headers)