cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tom Schneider (Commented) (JIRA)" <>
Subject [jira] [Commented] (CXF-3635) WS-Trust SPNego (WCF message level spnego)
Date Tue, 03 Jan 2012 15:52:39 GMT


Tom Schneider commented on CXF-3635:

The following also worked for me:
GSSName gssService = gssManager.createName(serviceName, GSSName.NT_USER_NAME);
which makes sense since I'm using an active directory username and password to authenticate
with Kerberos.  I guess this has to be configurable since we can't assume an initial authentication
mechanism.  Another option might be to allow a user to pass in their own SpnegoClientAction
like I've currently doing with the NamePasswordCallback. (i.e. the ws-security.callback-handler
property)  That would provide the most flexibility.

You're too late for the documentation, I already created an example for CRM 2011 and added
a link on the CXF wiki:

I'll try to put together a unit test for the working and non-working signature validation.
> WS-Trust SPNego (WCF message level spnego)
> ------------------------------------------
>                 Key: CXF-3635
>                 URL:
>             Project: CXF
>          Issue Type: New Feature
>          Components: WS-* Components
>    Affects Versions: 2.3.5
>            Reporter: Tom Schneider
>            Assignee: Colm O hEigeartaigh
>         Attachments:
> We have spent time implementing SPNego over WS-Trust support for CXF and wish to submit
it for possible inclusion in CXF itself.  (Or at least as an example for others to follow)
 This was implemented so we could use the webservice of MS CRM 2011 when configured for 'on-premise'
security, although I think WCF 4.0 uses this type of security by default if you explicitly
change it.  So I'm sure this functionality would be useful to others.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message