[jboss-jira] [JBoss JIRA] Created: (JBID-215) STSSecurityHandler: Enable the username/password to be retreived from the SOAPMessageContext.
Daniel Bevenius (JIRA)
jira-events at lists.jboss.org
Tue Nov 17 06:20:29 EST 2009
STSSecurityHandler: Enable the username/password to be retreived from the SOAPMessageContext.
---------------------------------------------------------------------------------------------
Key: JBID-215
URL: https://jira.jboss.org/jira/browse/JBID-215
Project: JBoss Identity
Issue Type: Task
Components: Identity-Federation
Affects Versions: IDFED-1.0.0.CR1
Reporter: Daniel Bevenius
Assignee: Daniel Bevenius
Fix For: IDENTITY-1.0.0.CR1
Currently the STSSecurityHandler can only take its configuration from a properties file. This includes the username/password. I previously thought that this was alright but Anil pointed out there might be token providers that require the callers credentials.
The task should add the ability for a handler earlier in the handlerchain to extract the username/password from whatever location and set these values in the SOAPMessageContext using constants defined in the STSSecurityHandler:
**
* Constant that can be used by handlers to set the username in the SOAPMessageContext.
*/
public static final String USERNAME_MSG_CONTEXT_PROPERTY = "org.jboss.identity.federation.core.wstrust.handlers.username";
/**
* Constant that can be used by handlers to set the password in the SOAPMessageContext.
*/
public static final String PASSWORD_MSG_CONTEXT_PROPERTY = "org.jboss.identity.federation.core.wstrust.handlers.password";
So both of these options will be available and precedence will be given to any values in the SOAPMessageContext.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list