Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6401

Change the order that the set of security results are searched to create a security context

          Details

          • Type: Improvement
          • Status: Closed
          • Priority: Major
          • Resolution: Pending Closed
          • Affects Version/s: None
          • Fix Version/s: 3.1.1, 3.0.6
          • Component/s: None
          • Labels:
            None
          • Estimated Complexity:
            Unknown

            Description


            Right now we search the list of security results from WSS4J from the last result backwards, and stop when we meet a result that can be used to create a security context. However, we should instead create a list of desired tokens/actions with a priority to each one. So for example, if a (signed) SAML token is in the security header, this should have a higher priority than say a Signature, as the likely intention of the service logic is that the SAML Token encapsulates the user identity.

              Attachments

              1. patch.txt
                1 kB
                Stuart Charlton

                Activity

                  People

                  • Assignee:
                    coheigea Colm O hEigeartaigh
                    Reporter:
                    coheigea Colm O hEigeartaigh
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    2 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: