cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steven Tippetts (JIRA)" <>
Subject [jira] [Commented] (CXF-4666) [OAuth2] securityContext problem on createSubject
Date Fri, 30 Nov 2012 00:39:59 GMT


Steven Tippetts commented on CXF-4666:

Thanks for the info. I'll look into the CXF JAAS approach in the future, but for now I'll
just get the context from ContextSecurityHolder.

Regarding CXF-4656, the additional properties I'm interested in are: account id, surname,
and given name.
> [OAuth2] securityContext problem on createSubject
> -------------------------------------------------
>                 Key: CXF-4666
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 2.7.0
>            Reporter: Steven Tippetts
> This is probably just ignorance on my part, but when I override the createSubject method
in the file, the securityContext parameter that is passed
in is of type AbstractHTTPDestination$2. This parameter contains my authentication token,
but I don't know how to get at it, so I'm having to go to the SecurityContextHolder to get
the context instead of just using the parameter.
> I'm just using standard Spring authentication, so it seems like many other people would
also have AbstractHTTPDestination$2 as the security type, which causes roles to be missed
in the OAuthUtils.createSubject method.
> I'm sure I missed some details so please let know your questions and thanks for your

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message