[jbossws-issues] [JBoss JIRA] (JBWS-4123) SAMLTokenPrincipal is not propagated to EJB
Alessio Soldano (JIRA)
issues at jboss.org
Tue May 29 12:38:00 EDT 2018
[ https://issues.jboss.org/browse/JBWS-4123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13583796#comment-13583796 ]
Alessio Soldano commented on JBWS-4123:
---------------------------------------
Btw, here is basically where the webservices subsystem check the type of security domain it's been passed: https://github.com/jbossas/jboss-eap7/blob/EAP_7.1.0.CR4-dev/webservices/server-integration/src/main/java/org/jboss/as/webservices/service/EndpointService.java#L125
> SAMLTokenPrincipal is not propagated to EJB
> --------------------------------------------
>
> Key: JBWS-4123
> URL: https://issues.jboss.org/browse/JBWS-4123
> Project: JBoss Web Services
> Issue Type: Feature Request
> Components: jbossws-cxf
> Affects Versions: jbossws-cxf-5.2.1.Final
> Reporter: Viral Gohel
> Priority: Critical
> Fix For: jbossws-cxf-5.2.2.Final
>
> Attachments: redhat-saml-interceptor.zip, redhat.zip
>
>
> SAML Token Principal can be propagated to the EJB layer, which right now we are not seeing.
> Here are the results we see,
> 16:23:43,521 INFO [stdout] (default task-9) class org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl
> 16:23:43,522 INFO [stdout] (default task-9) subjectName
> 16:23:58,617 INFO [stdout] (default task-9) class org.jboss.security.SimplePrincipal
> 16:24:15,751 INFO [stdout] (default task-9) anonymous
> CXF code isn't creating the Subject for the security context in a way that the EAP, or JEE containers, can understand. For UsernameToken type authentication this is done through org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor, but I'm unsure if this applies to SAML tokens.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jbossws-issues
mailing list