Hi, I am struggling with configuring CXF and spring security. I am running the 2.3.1-SNAPSHOT which has some improvements to the WSS4JInInterceptor. So basically what I have is a JAX-WS service using ws-security to authenticate using username password token. The username is the uid= of the DN of a user record in LDAP.
What I want is for the Principal saved into teh CXF SecurityContext to have the Full DN of the user. So what I have setup by way of interceptors are: org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor (ws-security.ut.no-callbacks = true) I have a custom class which extends org.apache.cxf.interceptor.security.AbstractUsernameTokenInInterceptor to use spring security to create the Subject. I am creating a subject with the full DN of the user. However the org.apache.cxf.interceptor.security.AbstractSecurityContextInInterceptor ignores this and recreates the SecurityContext with the original username SecurityContext sc = createSecurityContext(context.getUserPrincipal(), subject); So I am kind of up the creek without any kind of paddle :-) Any suggestions for how I might proceed. I guess I can always create my own interceptor from scratch to do this. I already did the same thing to populate the full DN of groups.
