You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Kurt Westerfeld (JIRA)" <ji...@apache.org> on 2010/12/06 15:30:14 UTC
[jira] Updated: (SM-2020) CXFSE Proxy Doesn't Implement
"propagateSubject" Setting
[ https://issues.apache.org/jira/browse/SM-2020?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kurt Westerfeld updated SM-2020:
--------------------------------
Description:
In looking at cxfse:proxy xsd, it is possible to setup a proxy to propagate the NMR "security subject" in the bean construction; however, the code does nothing within CxfSeProxyFactoryBean.
I think it would not be hard to implement. If this setting is true, do the following:
- create a cxf interceptor that is attached right before jbi marshaling (ie. PRE_STREAM) similar to cxfbc's interceptor called JbiOutInterceptor
- within this interceptor, find the currently propagated message using JBIContext.getMessageExchange()
- if there is a mex (there may not be, in the case that an inbound message is not currently being handled by the cxfse endpoint--ie. async outbound call), call mex.getMessage( "in" ), and if this is non-null, do:
if( !message.containsKey( Subject.class ) )
message.put( Subject.class, inMsg.getSecuritySubject() )
Now comes the semi-hard part. To me, it looks like the jbi binding/transport abstraction (JBIConduitOutputStream) in cxf would next need a slight mod, like this:
if (message.containsKey( Subject.class ) )
inMsg.setSecuritySubject( (Subject) message.get( Subject.class ) );
was:
In looking at cxfse:proxy xsd, it is possible to setup a proxy to propagate the NMR "security subject" in the bean construction; however, the code does nothing within CxfSeProxyFactoryBean.
I think it would not be hard to implement. If this setting is true, do the following:
- create a cxf interceptor that is attached right before jbi marshaling (ie. PRE_STREAM) similar to cxfbc's interceptor called JbiOutInterceptor
- within this interceptor, find the currently propagated message using JBIContext.getMessageExchange()
- if there is a mex (there may not be, in the case that an inbound message is not currently being handled by the cxfse endpoint--ie. async outbound call), call mex.getMessage( "in" ), and if this is non-null, do:
if( !message.containsKey( Subject.class ) )
message.put( Subject.class, inMsg.getSecuritySubject() )
Now comes the semi-hard part. To me, it looks like the jbi binding/transport abstraction in cxf would next need a slight mod, like this:if message.containsKey( Subject.class )
> CXFSE Proxy Doesn't Implement "propagateSubject" Setting
> ---------------------------------------------------------
>
> Key: SM-2020
> URL: https://issues.apache.org/jira/browse/SM-2020
> Project: ServiceMix
> Issue Type: Bug
> Components: servicemix-cxf-se
> Environment: fuse esb 4.3
> Reporter: Kurt Westerfeld
>
> In looking at cxfse:proxy xsd, it is possible to setup a proxy to propagate the NMR "security subject" in the bean construction; however, the code does nothing within CxfSeProxyFactoryBean.
> I think it would not be hard to implement. If this setting is true, do the following:
> - create a cxf interceptor that is attached right before jbi marshaling (ie. PRE_STREAM) similar to cxfbc's interceptor called JbiOutInterceptor
> - within this interceptor, find the currently propagated message using JBIContext.getMessageExchange()
> - if there is a mex (there may not be, in the case that an inbound message is not currently being handled by the cxfse endpoint--ie. async outbound call), call mex.getMessage( "in" ), and if this is non-null, do:
> if( !message.containsKey( Subject.class ) )
> message.put( Subject.class, inMsg.getSecuritySubject() )
> Now comes the semi-hard part. To me, it looks like the jbi binding/transport abstraction (JBIConduitOutputStream) in cxf would next need a slight mod, like this:
> if (message.containsKey( Subject.class ) )
> inMsg.setSecuritySubject( (Subject) message.get( Subject.class ) );
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.