[jbossws-issues] [JBoss JIRA] (JBWS-4123) SAMLTokenPrincipal is not propagated to EJB
Jan Krause (JIRA)
issues at jboss.org
Wed May 30 02:54:00 EDT 2018
[ https://issues.jboss.org/browse/JBWS-4123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13583995#comment-13583995 ]
Jan Krause commented on JBWS-4123:
----------------------------------
Thank you for looking into this. Unfortunately, I cannot open the link, since I don't have access to the jboss-eap7 repository.
> SAMLTokenPrincipal is not propagated to EJB
> --------------------------------------------
>
> Key: JBWS-4123
> URL: https://issues.jboss.org/browse/JBWS-4123
> Project: JBoss Web Services
> Issue Type: Feature Request
> Components: jbossws-cxf
> Affects Versions: jbossws-cxf-5.2.1.Final
> Reporter: Viral Gohel
> Priority: Critical
> Fix For: jbossws-cxf-5.2.2.Final
>
> Attachments: redhat-saml-interceptor.zip, redhat.zip
>
>
> SAML Token Principal can be propagated to the EJB layer, which right now we are not seeing.
> Here are the results we see,
> 16:23:43,521 INFO [stdout] (default task-9) class org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl
> 16:23:43,522 INFO [stdout] (default task-9) subjectName
> 16:23:58,617 INFO [stdout] (default task-9) class org.jboss.security.SimplePrincipal
> 16:24:15,751 INFO [stdout] (default task-9) anonymous
> CXF code isn't creating the Subject for the security context in a way that the EAP, or JEE containers, can understand. For UsernameToken type authentication this is done through org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor, but I'm unsure if this applies to SAML tokens.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jbossws-issues
mailing list