[jira] [Commented] (CXF-3816) A policy provider/interceptor for ignoring (i.e., automatically asserting) specified policy assertions

[Daniel Kulp (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CXF-3816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13109819#comment-13109819
 ] 

Daniel Kulp commented on CXF-3816:
----------------------------------


Sergey, this topic came up last week in regards to the NTLM policy that MS 
likes to stick into the WSDL.   We CAN support NTLM via some configuration and 
such.  Thus, if the user is careful, the client could easily meet all the 
requirements of the policy.   However, because of that assertion in the WSDL, 
the client won't work.   Having an easy way to say "OK, I'm aware of this 
policy and I'm handling it manually" is a good thing.

Without that, they would need to write a Neethi AssertionBuilder  (relatively 
easy, subclass the neethi PrimitiveAsertionBuilder probably) as well as a 
PolicyInterceptorProvider and an Interceptor to assert the policy.   A bit 
complicated.    What Aki wants to do is provide all of the above in a simple to 
use bean.

That said, for the case of NTLM, a submission of a full set of policy handlers 
that would handle the configuration and validation of NTLM would definitely be 
appreciated.  :-)





> A policy provider/interceptor for ignoring (i.e., automatically asserting) 
> specified policy assertions
> ------------------------------------------------------------------------------------------------------
>
>                 Key: CXF-3816
>                 URL: https://issues.apache.org/jira/browse/CXF-3816
>             Project: CXF
>          Issue Type: New Feature
>          Components: WS-* Components
>            Reporter: Aki Yoshida
>            Assignee: Aki Yoshida
>            Priority: Minor
>             Fix For: 2.5
>
>
> Introduce an option to ignore, in other words, to automatically assert a set 
> of policy assertions.
> When a WSDL contains unknown policy assertions, the current 
> "ignoreUnknownAssertion" property is used to ignore those unknown policy 
> assertions during the assertion building, but not during the verification of 
> the assertions.
> We introduce a new policy provider IgnorablePolicyProvider that can be 
> configured to register a set of assertion names that can be ignored (i.e., 
> automatically asserted) later during the processing.
> The background is discussed in the following mail thread:
> http://cxf.547215.n5.nabble.com/doubt-on-ignoreUnknownAssertions-option-in-ws-policy-tt4823222.html

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira