[CXF-5660] UsernameTokenInterceptor cannot use subject from WSSecurityEngineResult - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.7.10
Fix Version/s: 2.7.11, 3.0
Component/s: WS-* Components
Labels:
- JAAS
- ws-security

Estimated Complexity:
Unknown

Description

When using WS-Security and org.apache.ws.security.validate.JAASUsernameTokenValidator, the later populates org.apache.ws.security.validate.Credential with a javax.security.auth.Subject received from JAAS. It then propagates to WSSecurityEngineResult (TAG_SUBJECT). UsernameTokenInterceptor ignores that and instead uses createSubject method, which is always null.

The workaround currently is to force using WSS4JInInterceptor, which precedes UsernameTokenInterceptor and handles subject information correctly.

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Vladimir Kulev

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Mar/14 16:37

Updated:: 11/Jul/14 12:51

Resolved:: 31/Mar/14 14:19