tag:blogger.com,1999:blog-7391783704166348052.post3368787547802336872..comments2024-03-15T22:26:58.542-07:00Comments on Open Source Security: Apache CXF STS documentation - part XColm O hEigeartaighhttp://www.blogger.com/profile/10711987281965801793noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-7391783704166348052.post-46861567927748224592011-12-23T02:02:31.733-08:002011-12-23T02:02:31.733-08:00LDAP configuration for claims management and authe...LDAP configuration for claims management and authentication is also described here:<br />http://owulff.blogspot.com/2011/10/configure-ldap-directory-for-cxf-sts.html<br /><br />There is also a file based claims handler available here:<br />http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-idp-sts/src/main/java/org/apache/cxf/fediz/service/sts/FileClaimsHandler.java?view=logOliver Wulffhttps://www.blogger.com/profile/07294415212532150140noreply@blogger.comtag:blogger.com,1999:blog-7391783704166348052.post-27117963761169111912011-11-25T01:27:33.166-08:002011-11-25T01:27:33.166-08:00Thank you, for your fast and helpfull reply!Thank you, for your fast and helpfull reply!Jan Bernhardthttps://www.blogger.com/profile/04467648148765096890noreply@blogger.comtag:blogger.com,1999:blog-7391783704166348052.post-69951187026048177092011-11-23T02:19:37.668-08:002011-11-23T02:19:37.668-08:00Hi Jan,
An extension to the ClaimHandler interfac...Hi Jan,<br /><br />An extension to the ClaimHandler interface to pass through a WebServiceContext has been raised here:<br /><br />https://issues.apache.org/jira/browse/CXF-3930<br /><br />Until this is fixed, you can either get the current CXF Message object via:<br /><br />Message message = PhaseInterceptorChain.getCurrentMessage();<br /><br />or also see:<br /><br />http://stackoverflow.com/questions/7685013/how-to-access-webservicecontext-programatically-in-apache-cxf<br /><br />Colm.Colm O hEigeartaighhttps://www.blogger.com/profile/10711987281965801793noreply@blogger.comtag:blogger.com,1999:blog-7391783704166348052.post-41374157284367838432011-11-23T00:18:00.901-08:002011-11-23T00:18:00.901-08:00Is there a way to get access to the WebServiceCont...Is there a way to get access to the WebServiceContext inside of a ClaimHandler?<br />Access to the Principal and RequestClaimCollection is sometimes not enough. In my case I would need a valid SessionID + Username (presented to the STS as a UsernamePasswordToken) for receiving roles associated with the user from an external System (OpenAM).Jan Bernhardthttps://www.blogger.com/profile/04467648148765096890noreply@blogger.com