Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-4123

SAMLTokenPrincipal is not propagated to EJB

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Duplicate
    • Major
    • None
    • jbossws-cxf-5.2.1.Final
    • jbossws-cxf
    • None

    Description

      SAML Token Principal can be propagated to the EJB layer, which right now we are not seeing.
      Here are the results we see,

      16:23:43,521 INFO [stdout] (default task-9) class org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl
      16:23:43,522 INFO [stdout] (default task-9) subjectName
      16:23:58,617 INFO [stdout] (default task-9) class org.jboss.security.SimplePrincipal
      16:24:15,751 INFO [stdout] (default task-9) anonymous

      CXF code isn't creating the Subject for the security context in a way that the EAP, or JEE containers, can understand. For UsernameToken type authentication this is done through org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor, but I'm unsure if this applies to SAML tokens.

      Attachments

        Issue Links

          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. WFLY-10480 ElytronSecurityDomainContextImpl does not propagate authenticated subject

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              rhn-engineering-ema Jim Ma
              rhn-support-vgohel Viral Gohel
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: