I have following policy for user authenticating with X509 certificate, but I did not find any interceptor to get user info from certificate. Any idea to deal with X509 certificate authentication? I already tried sign and encrypt they work fine, I just want authentication.
<wsp:Policy wsu:Id="UsernameToken_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:X509Token xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"; sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always";> <wsp:Policy> <sp:WssX509V3Token10/> </wsp:Policy> </sp:X509Token> </wsp:Policy> <sp:TransportToken> <wsp:Policy> <sp:HttpsToken> <wsp:Policy/> </sp:HttpsToken> </wsp:Policy> </sp:TransportToken> </sp:SupportingTokens> </wsp:Policy> -- View this message in context: http://cxf.547215.n5.nabble.com/Custom-X509TokenValidator-tp5708191.html Sent from the cxf-dev mailing list archive at Nabble.com.
