[
https://issues.apache.org/jira/browse/CXF-3216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13018398#comment-13018398
]
Daniel Kulp commented on CXF-3216:
----------------------------------
Christians note was that Kerberos auth was working at the transport level.
Basically, using it for https authentication. What you are asking for is
message level auth which is a bit different. A this point, we don't support
kerberos in the WS-SecPol engine. Patches that would get us there are more
than welcome. (new JIRA's of course)
Basically, step one WOULD be a PolicyBuilder and Token object. That would
allow us to parse the policy. Next would likely be updates to the
PolicyBasedWSS4J*Interceptor to handle that token type.
I DON'T know if this will also require some updates to WSS4J. There is a JIRA
open there about Kerberos support where a user was going to supply a patch, but
they never did.
> Refactor http authentication to make it more flexible and simpler
> -----------------------------------------------------------------
>
> Key: CXF-3216
> URL: https://issues.apache.org/jira/browse/CXF-3216
> Project: CXF
> Issue Type: Improvement
> Components: Transports
> Affects Versions: 2.3.1
> Reporter: Christian Schneider
> Assignee: Christian Schneider
> Fix For: 2.4
>
> Attachments: CXF-3216-1.patch, CXF-3216-2.patch
>
>
> The http authentication should be completely based on authSupplier. The
> HttpConduit should simply delegate to it.
> We should also remove some of the other auth config options besides
> authorizationPolicy on conduit.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
