hi, cxf together with wss4j does not allow for SAML assertion with dynamic subject name (different subject name for each invocation). I have made modification to wss4j to accept the extra parameter. I am stuck at the cxf. WSS4JOutInterceptor is the place where the arguments have to be added, but I don't see an obvious way to add the per request parameters to the message context. My goal would be to make a changes which can eventually make to the trunk. I am afraid my spontaneous creation has very high chance to violate the cxf best practices.
My specific use case: - servlet (tomcat) obtains the user certificate as a result of SSL client authentication - servlet uses cxf client to invoke a web service (SAML, encryption, signature) Here are some ideas: 1. servlet put the information into the thread local variable, which in turn is repacked by WSS4JOutInterceptor 2. more complex: - define identity interceptor, it takes config (?class) which describes how to get the identity from given application and inserts it into message context - WSS4JOutInterceptor repacks the information. Any pointers and/or comments will be appreciated Thanks Pawel -- View this message in context: http://www.nabble.com/per-request-SAML-assertion-tp20578502p20578502.html Sent from the cxf-dev mailing list archive at Nabble.com.
