Hi All, I am trying to integrate Shiro into an Apache CXF project. The Authentication is already done by CXF. I am using a SAML token to authenticate at the service. Inside the token there already is the subject name and the role names. CXF establishes a CXF specific LoginSecuritycontext that contains these details.
Now I want to use a CXF interceptor to read this LoginSecurityContext and establish an authenticated Shiro subject that also contains subject name and roles. I intend to use the Shiro Context then to do normal Shiro authorization using annotations. Currently I only know how to log into Shiro using a UserPasswordToken. So I give Shiro my identity and my credentials and shiro does the authentication and fetches the roles. How can I change this to work with an already authenticated subject and given roles? Christian
