cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: SamlTokenInterceptor
Date Fri, 04 Dec 2015 10:25:27 GMT
SamlTokenInterceptor is designed to be used with WS-SecurityPolicy, when
you have a SupportingToken policy with no security binding, just a
SamlToken policy. For example, see the "DoubleItBearerPolicy" policy here:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/DoubleItSaml.wsdl;h=70c2233daadec104fd5adf41251f016bd309061d;hb=HEAD

You could try adding the interceptor manually to the inInterceptor chain,
I'm not sure if it will work though without a security policy. The normal
way of reading SAML without WS-SecurityPolicy, is to use the "action"
approach with WSS4J, where you tell the WSS4JInInterceptor that a SAML
Token is required.

Colm.

On Fri, Dec 4, 2015 at 1:22 AM, joesam <sam.robles88@gmail.com> wrote:

> Hi all,
>
> I am new to CXF. I am using v3.0.4.
> I have a requirement to read SAML token from a incoming SOAP header request
> and store the token for other purposes.
>
> I want to use SamlTokenInterceptor. Do I need to extend this class and
> override processToken method?
>
> Also, in <jaxws:server> configuration, do I pass this class as
> <jaxws:provider> or <jaxws:inInterceptors>?
>
> Example of the configuration is highly appreciated.
>
> Thanks in advance.
>
>
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/SamlTokenInterceptor-tp5763598.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message