That would be great.
+1 from me.
Thank you,
Ashok.
On Tue, 7 Jun 2005 18:48:48 -0400, Davanum Srinivas <[EMAIL PROTECTED]>
wrote:
do you want to add an optional flag to save the assertion in the
MessageContext in addition to wsResults vector? +1 from me.
-- dims
On 6/7/05, Ashok Shah <[EMAIL PROTECTED]> wrote:
Hello,
I am using "SAMLTokenUnsigned" profile in the WSS4J implementation. I
have
my own policy enforcement engine that converts the SAML request to XACML
request and then runs it through the XACML PDP and PEP enignes. The
policy
enforcement engine is responsible for enforcing the access rules to the
resource requested.
I was wondering if after processing the security header in WSS4J the
SAMLAssertion instance could be added to the MessageContext object so
that
other handlers in the chain could access that SAMLAssertion and run it
through the policy engine that I have designed.
Currently, the WSS4J code only seem to verify the signature and trust
for
the Assertion and then puts the assertion in the wsResults vector.But
once
the processing is done in doReciever() the assertion cannot be accessed
from other handlers.
I was wondering if someone could help me over here. I am ready to work
out
the patch, please let me know.
Thanks,
Ashok.
--
Using Opera's revolutionary e-mail client: http://www.opera.com/m2/
