You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by janb <ja...@sopera.com> on 2011/09/26 13:14:06 UTC
Role Information in SAML Token
Hi,
I was wondering about Java EE Security Support in CXF. More particular, I
would like to know, if Role Information from an SAML Token is available in
the Security Context?
If a CXF Provider receives a SAML Token including all asigned roles of a
given user, could I use Java EE Security Annotations, or
javax.xml.ws.WebServiceContext.isUserInRole(role) to check for a certain
role?
Kind regards,
Jan
--
View this message in context: http://cxf.547215.n5.nabble.com/Role-Information-in-SAML-Token-tp4841005p4841005.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Role Information in SAML Token
Posted by Sergey Beryozkin <sb...@gmail.com>.
Hi
Some code is already available to support RBAC and a completely
different Claims based authorization - right now the question is how to
make sure it can be shared by SOAP-based and JAX-RS based endpoints, but
it will be there
Cheers, Sergey
On 26/09/11 12:14, janb wrote:
> Hi,
>
> I was wondering about Java EE Security Support in CXF. More particular, I
> would like to know, if Role Information from an SAML Token is available in
> the Security Context?
>
> If a CXF Provider receives a SAML Token including all asigned roles of a
> given user, could I use Java EE Security Annotations, or
> javax.xml.ws.WebServiceContext.isUserInRole(role) to check for a certain
> role?
>
> Kind regards,
> Jan
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Role-Information-in-SAML-Token-tp4841005p4841005.html
> Sent from the cxf-user mailing list archive at Nabble.com.