You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by depstei2 <de...@umd.edu> on 2007/11/15 22:45:55 UTC
CXF Security context
Once the cxf-bc has authenticated an incoming message, the message is sent to
my cxf service engine. How does one go about getting the security context
from the normalized message if the headers are stripped out? In standalone
cxf, you can grab the wsContext inside your service implementation pojo. Is
there a way to inject the cxfse wsContext into your service pojo?
--
View this message in context: http://www.nabble.com/CXF-Security-context-tf4817408s12049.html#a13782546
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: CXF Security context
Posted by Guillaume Nodet <gn...@gmail.com>.
Imho, we should support it somehow.
It should be quite easy to do as the only things to do are:
* delegate authentication to JAAS configured in servicemix
* put the authenticated subject in the JBI exchange
It we do that, we should be able to use servicemix authorization mechanism.
Thoughts ?
On Nov 16, 2007 3:36 AM, Freeman Fang <fr...@iona.com> wrote:
> Hi,
>
> We don't support getting security context from the normalized message so
> far, since ws-security is based on soap binding , but the normalized
> message used for service pojo inside cxfse is based on jbi binding. All
> ws-security feature is handled in cxf-bc, which means we support
> ws-security between endpoint outside jbi container and the cxf bc, but
> not inside jbi container.
>
> Best Regards
> Freeman
>
>
> depstei2 wrote:
> > Once the cxf-bc has authenticated an incoming message, the message is
> sent to
> > my cxf service engine. How does one go about getting the security
> context
> > from the normalized message if the headers are stripped out? In
> standalone
> > cxf, you can grab the wsContext inside your service implementation pojo.
> Is
> > there a way to inject the cxfse wsContext into your service pojo?
> >
> >
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
Re: CXF Security context
Posted by Freeman Fang <fr...@gmail.com>.
You can write your interceptors to extract headers from soap message and
store it in the jbi message if you want, and you can inject your
interceptors into cxf bc endpoint by spring configuration.
For ws-rm, yes, we support it from an exteranl endpoint to the binding
component only.
For ws-transaction, Cxf bc don't support it so far since ws-transaction is
still in progress of cxf project.
Freeman
On 11/16/07, depstei2 <de...@umd.edu> wrote:
>
>
> Is there any other way to pass header information through to the bus? Is
> this the same for transactions or reliable messaging as it is for security
> (all of transaction/security/rm is handled from an external endpoint to
> the
> binding component only)?
>
>
> Freeman Fang-2 wrote:
> >
> > Hi,
> >
> > We don't support getting security context from the normalized message so
> > far, since ws-security is based on soap binding , but the normalized
> > message used for service pojo inside cxfse is based on jbi binding. All
> > ws-security feature is handled in cxf-bc, which means we support
> > ws-security between endpoint outside jbi container and the cxf bc, but
> > not inside jbi container.
> >
> > Best Regards
> > Freeman
> >
> >
> > depstei2 wrote:
> >> Once the cxf-bc has authenticated an incoming message, the message is
> >> sent to
> >> my cxf service engine. How does one go about getting the security
> >> context
> >> from the normalized message if the headers are stripped out? In
> >> standalone
> >> cxf, you can grab the wsContext inside your service implementation
> pojo.
> >> Is
> >> there a way to inject the cxfse wsContext into your service pojo?
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/CXF-Security-context-tf4817408s12049.html#a13794368
> Sent from the ServiceMix - User mailing list archive at Nabble.com.
>
>
Re: CXF Security context
Posted by depstei2 <de...@umd.edu>.
Is there any other way to pass header information through to the bus? Is
this the same for transactions or reliable messaging as it is for security
(all of transaction/security/rm is handled from an external endpoint to the
binding component only)?
Freeman Fang-2 wrote:
>
> Hi,
>
> We don't support getting security context from the normalized message so
> far, since ws-security is based on soap binding , but the normalized
> message used for service pojo inside cxfse is based on jbi binding. All
> ws-security feature is handled in cxf-bc, which means we support
> ws-security between endpoint outside jbi container and the cxf bc, but
> not inside jbi container.
>
> Best Regards
> Freeman
>
>
> depstei2 wrote:
>> Once the cxf-bc has authenticated an incoming message, the message is
>> sent to
>> my cxf service engine. How does one go about getting the security
>> context
>> from the normalized message if the headers are stripped out? In
>> standalone
>> cxf, you can grab the wsContext inside your service implementation pojo.
>> Is
>> there a way to inject the cxfse wsContext into your service pojo?
>>
>>
>
>
--
View this message in context: http://www.nabble.com/CXF-Security-context-tf4817408s12049.html#a13794368
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: CXF Security context
Posted by Freeman Fang <fr...@iona.com>.
Hi,
We don't support getting security context from the normalized message so
far, since ws-security is based on soap binding , but the normalized
message used for service pojo inside cxfse is based on jbi binding. All
ws-security feature is handled in cxf-bc, which means we support
ws-security between endpoint outside jbi container and the cxf bc, but
not inside jbi container.
Best Regards
Freeman
depstei2 wrote:
> Once the cxf-bc has authenticated an incoming message, the message is sent to
> my cxf service engine. How does one go about getting the security context
> from the normalized message if the headers are stripped out? In standalone
> cxf, you can grab the wsContext inside your service implementation pojo. Is
> there a way to inject the cxfse wsContext into your service pojo?
>
>