cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Pell (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CXF-3063) Make it possible to use WSSE tokens for authorization decisions without extending WSS4JInInterceptor
Date Sat, 06 Nov 2010 00:58:43 GMT

    [ https://issues.apache.org/jira/browse/CXF-3063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928904#action_12928904
] 

Jason Pell commented on CXF-3063:
---------------------------------

Hi,

I was wondering if you would consider changing your patch slightly for WSS4JInInterceptor

Instead of:
boolean utWithCallbacks =  !MessageUtils.getContextualBoolean(msg, SecurityConstants.USERNAME_TOKEN_NO_CALLBACKS,
false);

What about:
        
boolean utWithCallbacks = true;
if(!MessageUtils.getContextualBoolean(msg, SecurityConstants.USERNAME_TOKEN_NO_CALLBACKS,
false) ||
       	"none".equalsIgnoreCase((String)getOption(WSHandlerConstants.PW_CALLBACK_CLASS)))
{
       	utWithCallbacks = false;
}

This would allow me to use a normal spring bean to configure my interceptors, but the functionality
you intended would still work perfectly.  With this change locally my requirements are met.

> Make it possible to use WSSE tokens for authorization decisions without extending WSS4JInInterceptor
> ----------------------------------------------------------------------------------------------------
>
>                 Key: CXF-3063
>                 URL: https://issues.apache.org/jira/browse/CXF-3063
>             Project: CXF
>          Issue Type: Improvement
>          Components: Core, WS-* Components
>    Affects Versions: 2.3.0
>            Reporter: Sergey Beryozkin
>             Fix For: 2.3.1, 2.4
>
>         Attachments: cxf-3063.patch
>
>


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message