hi forum,
i'm working with jbossws metro 3.1.0.GA on jboss 5.0.1.GA.
i've been able to get the glassfish example described
https://jax-ws.dev.java.net/guide/Configuring_Security_Using_NetBeans_IDE....
unlike the original
https://jax-ws.dev.java.net/guide/Configuring_Security_Using_NetBeans_IDE... uses a
symmetric binding policy; meaning: the client creates a secret key, encrypts the secret
key with the server's public key, the client sends the encrypted secret key in the
soap request to the server; and the client and server sign and encrypt stuff back and
forth using that encrypted secret (symmetric) key.
now that i got that working as a proof of concept, i need to configure wsit for mutual
x509 cert authentication. once the service receives and authenticates the client's
x509 cert, i want to be able to capture the client's cert (from
javax.security.auth.Subject.getPrincipal() or something ) and extract the client's
distinguished name - to do authorization based on the dn (using jbossxacml).
please, can anybody here recommend the simplest, easiest way to do that? can i get at the
subject in a handler if i get a hold of the WebServiceContext? can anybody point me to a
straightforward, easy to follow recipe somewhere, please?
thanks in advance for your help.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4223521#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...