[CXF-6401] Change the order that the set of security results are searched to create a security context - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Pending Closed
Affects Version/s: None
Fix Version/s: 3.1.1, 3.0.6
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

Right now we search the list of security results from WSS4J from the last result backwards, and stop when we meet a result that can be used to create a security context. However, we should instead create a list of desired tokens/actions with a priority to each one. So for example, if a (signed) SAML token is in the security header, this should have a higher priority than say a Signature, as the likely intention of the service logic is that the SAML Token encapsulates the user identity.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

patch.txt
15/May/15 14:22
1 kB
Stuart Charlton

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/May/15 10:59

Updated:: 14/Oct/16 14:25

Resolved:: 12/May/15 15:41