Colm O hEigeartaigh closed CXF-6401.

> Change the order that the set of security results are searched to create a 
> security context
> -------------------------------------------------------------------------------------------
>                 Key: CXF-6401
>                 URL: https://issues.apache.org/jira/browse/CXF-6401
>             Project: CXF
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 3.1.1, 3.0.6
>         Attachments: patch.txt
> Right now we search the list of security results from WSS4J from the last 
> result backwards, and stop when we meet a result that can be used to create a 
> security context. However, we should instead create a list of desired 
> tokens/actions with a priority to each one. So for example, if a (signed) 
> SAML token is in the security header, this should have a higher priority than 
> say a Signature, as the likely intention of the service logic is that the 
> SAML Token encapsulates the user identity.

This message was sent by Atlassian JIRA

Reply via email to