Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
Unknown
Description
This task is to create a common SAML-based SecurityContext for both the JAX-RS and JAX-WS layers.
At the moment, the JAX-WS layer creates a LoginSecurityContext to return the principal + roles extracted from a SAML Assertion. However, it does not store the SAML Assertion itself. The JAX-RS layer has a custom SecurityContext implementation that stores the roles etc.
This task will add a new SAMLSecurityContext class to the rt-core module, and so downstream code can access a SAMLSecurityContext independently of whether it came from the JAX-RS or JAX-WS layer.