[ https://issues.apache.org/jira/browse/CXF-6401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh closed CXF-6401. ------------------------------------ > Change the order that the set of security results are searched to create a > security context > ------------------------------------------------------------------------------------------- > > Key: CXF-6401 > URL: https://issues.apache.org/jira/browse/CXF-6401 > Project: CXF > Issue Type: Improvement > Reporter: Colm O hEigeartaigh > Assignee: Colm O hEigeartaigh > Fix For: 3.1.1, 3.0.6 > > Attachments: patch.txt > > > Right now we search the list of security results from WSS4J from the last > result backwards, and stop when we meet a result that can be used to create a > security context. However, we should instead create a list of desired > tokens/actions with a priority to each one. So for example, if a (signed) > SAML token is in the security header, this should have a higher priority than > say a Signature, as the likely intention of the service logic is that the > SAML Token encapsulates the user identity. -- This message was sent by Atlassian JIRA (v6.3.4#6332)