cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-6401) Change the order that the set of security results are searched to create a security context
Date Tue, 12 May 2015 10:59:59 GMT
Colm O hEigeartaigh created CXF-6401:
----------------------------------------

             Summary: Change the order that the set of security results are searched to create
a security context
                 Key: CXF-6401
                 URL: https://issues.apache.org/jira/browse/CXF-6401
             Project: CXF
          Issue Type: Improvement
            Reporter: Colm O hEigeartaigh
            Assignee: Colm O hEigeartaigh
             Fix For: 3.1.1, 3.0.6



Right now we search the list of security results from WSS4J from the last result backwards,
and stop when we meet a result that can be used to create a security context. However, we
should instead create a list of desired tokens/actions with a priority to each one. So for
example, if a (signed) SAML token is in the security header, this should have a higher priority
than say a Signature, as the likely intention of the service logic is that the SAML Token
encapsulates the user identity.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message