Imho, we should support it somehow. It should be quite easy to do as the only things to do are: * delegate authentication to JAAS configured in servicemix * put the authenticated subject in the JBI exchange It we do that, we should be able to use servicemix authorization mechanism. Thoughts ?
On Nov 16, 2007 3:36 AM, Freeman Fang <[EMAIL PROTECTED]> wrote: > Hi, > > We don't support getting security context from the normalized message so > far, since ws-security is based on soap binding , but the normalized > message used for service pojo inside cxfse is based on jbi binding. All > ws-security feature is handled in cxf-bc, which means we support > ws-security between endpoint outside jbi container and the cxf bc, but > not inside jbi container. > > Best Regards > Freeman > > > depstei2 wrote: > > Once the cxf-bc has authenticated an incoming message, the message is > sent to > > my cxf service engine. How does one go about getting the security > context > > from the normalized message if the headers are stripped out? In > standalone > > cxf, you can grab the wsContext inside your service implementation pojo. > Is > > there a way to inject the cxfse wsContext into your service pojo? > > > > > -- Cheers, Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/
