Ashok, the WSDoAllReceiver handler already stores the wsResult in the message context. This was done to provide following handlers and the service with all necessary information.
A following handler can access the results in the following way: Vector results = (Vector) mc.getProperty(WSHandlerConstants.RECV_RESULTS)); This vector contains all results of the WSSecurityEngine together with the actor name for the result set. Access is as follows: WSHandlerResult handlerRes = results.get(x); WSHandlerResult itself contains a vector of WSSecurityEngineResult object and the actor name for that result set (remember that we can have several wsse:Security headers with different actors. Get the actor name for the security header: String actor = handlerRes.getActor(); If the actor matches (or there is only one actor) then get the engine results vector: Vector wsResult = handlerRes.getResults(); To locate a specific result in the WSSecurityEngineResult vector there are some utility method in WSSecurityUtil, e.g. WSSecurityEngineResult actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.SIGN); IMO there is no need to change something here. The mechanisms are in place. Regards, Werner > -----Urspr�ngliche Nachricht----- > Von: Ashok Shah [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 8. Juni 2005 00:39 > An: [email protected] > Betreff: SAMLTokenUnsigned profile, Assertion handling > > > Hello, > > I am using "SAMLTokenUnsigned" profile in the WSS4J > implementation. I have > my own policy enforcement engine that converts the SAML > request to XACML > request and then runs it through the XACML PDP and PEP > enignes. The policy > enforcement engine is responsible for enforcing the access > rules to the > resource requested. > > I was wondering if after processing the security header in WSS4J the > SAMLAssertion instance could be added to the MessageContext > object so that > other handlers in the chain could access that SAMLAssertion > and run it > through the policy engine that I have designed. > > Currently, the WSS4J code only seem to verify the signature > and trust for > the Assertion and then puts the assertion in the wsResults > vector.But once > the processing is done in doReciever() the assertion cannot > be accessed > from other handlers. > > I was wondering if someone could help me over here. I am > ready to work out > the patch, please let me know. > > Thanks, > > Ashok. >
