[CXF-3521] WebServiceContext.getUserPrincipal() is null for incoming SAML Token or transformed token - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.4
Fix Version/s: 2.4.1
Component/s: WS-* Components
Labels:
None

CXF Fields:

Blocked on External

Description

If my service provider receives a SAML token or a BinarySecurityToken (will be transformed) I can't read the principle using the JAX-WS WebServiceContext.

example:

...
@Resource
WebServiceContext wsContext;

public java.math.BigInteger doubleIt(java.math.BigInteger numberToDouble) {
Principal pr = wsContext.getUserPrincipal();
...

The method getUserPrincipal() returns null.

I see two ways to fix this.

1) Pass the principal to the constructor of WSSecurityEngineResult in the processor of WSS4J

ex.
if (assertion.isSigned())

{ result = new WSSecurityEngineResult(WSConstants.ST_SIGNED, assertion); }

else

{ result = new WSSecurityEngineResult(WSConstants.ST_UNSIGNED, assertion); }

similar for BinarySecurityTokenProcessor.

This allows the CXF WSS4JInInterceptor to read the principal like this:
final Principal p = (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);

2) Extend the WSS4JInInterceptor to parse the SAMLToken (or the transformed if available), read the subject and create the CXF SecurityContext.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

DoubleItImpl.java
16/May/11 13:03
2 kB
Oliver Wulff

Issue Links

depends upon

WSS-290 Create Principals when processing SAML and BinarySecurityTokens

Closed

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Oliver Wulff

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 16/May/11 13:01

Updated:: 02/May/13 02:29

Resolved:: 01/Jun/11 13:41