do you want to add an optional flag to save the assertion in the MessageContext in addition to wsResults vector? +1 from me.
-- dims On 6/7/05, Ashok Shah <[EMAIL PROTECTED]> wrote: > Hello, > > I am using "SAMLTokenUnsigned" profile in the WSS4J implementation. I have > my own policy enforcement engine that converts the SAML request to XACML > request and then runs it through the XACML PDP and PEP enignes. The policy > enforcement engine is responsible for enforcing the access rules to the > resource requested. > > I was wondering if after processing the security header in WSS4J the > SAMLAssertion instance could be added to the MessageContext object so that > other handlers in the chain could access that SAMLAssertion and run it > through the policy engine that I have designed. > > Currently, the WSS4J code only seem to verify the signature and trust for > the Assertion and then puts the assertion in the wsResults vector.But once > the processing is done in doReciever() the assertion cannot be accessed > from other handlers. > > I was wondering if someone could help me over here. I am ready to work out > the patch, please let me know. > > Thanks, > > Ashok. > -- Davanum Srinivas - http://webservices.apache.org/~dims/
