Classification: UNCLASSIFIED Caveats: NONE Response preceded by "GY:".
Gang -----Original Message----- From: Simon Nash [mailto:[email protected]] Sent: Friday, February 04, 2011 6:17 AM To: [email protected] Subject: Re: Can application code and interceptor/handler code in Tuscany communicate with each other via some context? (UNCLASSIFIED) See responses below. I've removed older discussion to make this easier to follow. Simon Yang, Gang CTR US USA wrote: > Classification: UNCLASSIFIED > Caveats: NONE > > (cut) > > GY: The use case applies to SCA well. When a new service is developed > referencing other existing services. The authorization is best done in a > distributed fashion - the information owning service makes the > authorization decision based on its existing policies. This means that > when a client access this new service with its credential, this > credential (in the form of some security token, say SAML) would need to > be passed to the other existing services for authorization. Translated > to SCA view, the handler for the service WS binding needs to pass the > user credential to the handler for the reference WS binding. Since the > two handlers does not have any direct relation, this is done (in other > frameworks such as Axis2, JAX-WS and JAX-RPC) through the new service > implementation code which connects the service (inbound from the client) > to the reference (outbound to other services). > In SCA there's a getSecuritySubject() method on the RequestContext API. This is implemented by putting a Subject header in the ThreadMessageContext. This header is added by the service binding handler and would be available to the reference binding handler. Does this do what you need? GY: Can you elaborate a little on this RequestContext API? I could not find RequestContext interface/class from 1.6.1 source. I did find ThreadMessageContext interface, which only deals with Message. Is Message in Tuscany implementing the message context concept? How is it accessed from PolicyHandler and from the client/service application code? Simon Classification: UNCLASSIFIED Caveats: NONE
