Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-4123

SAMLTokenPrincipal is not propagated to EJB


    • Icon: Feature Request Feature Request
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • jbossws-cxf-5.2.1.Final
    • jbossws-cxf
    • None

      SAML Token Principal can be propagated to the EJB layer, which right now we are not seeing.
      Here are the results we see,

      16:23:43,521 INFO [stdout] (default task-9) class org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl
      16:23:43,522 INFO [stdout] (default task-9) subjectName
      16:23:58,617 INFO [stdout] (default task-9) class org.jboss.security.SimplePrincipal
      16:24:15,751 INFO [stdout] (default task-9) anonymous

      CXF code isn't creating the Subject for the security context in a way that the EAP, or JEE containers, can understand. For UsernameToken type authentication this is done through org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor, but I'm unsure if this applies to SAML tokens.

            rhn-engineering-ema Jim Ma
            rhn-support-vgohel Viral Gohel
            0 Vote for this issue
            6 Start watching this issue