Extend WS-Security component for higher level containers be able to use
UsernameToken to authenticate a user and populate SecurityContext
--------------------------------------------------------------------------------------------------------------------------------------------
Key: CXF-2754
URL: https://issues.apache.org/jira/browse/CXF-2754
Project: CXF
Issue Type: Improvement
Components: WS-* Components
Affects Versions: 2.3, 2.2.8
Reporter: Sergey Beryozkin
Assignee: Sergey Beryozkin
Fix For: 2.3, 2.2.8
By default, WSS4JInInterceptor relies on CallbackHandlers to provide or
validate a password for handling digests and clear-texts respectively.
Also, the default SecurityContext is partially populated and thus can not be
used for the authorization decisions.
Higher level containers should be able to delegate to their own subsystems for
authenticating a user and populating SecurityContext
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
