Hi Dan If you do it manually, you will loose the token caching functionality. Maybe as a starting point have a look to the following class: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?view=markup
The following lines show how to set the security token: 216 message.put(SecurityConstants.TOKEN_ID, tok.getId()); 217 } 218 getTokenStore(message).add(tok); What timelines do you have? As asked before, do we talk about identity mapping or claims transformation? Thanks ------ Oliver Wulff http://owulff.blogspot.com Solution Architect Talend Application Integration Division http://www.talend.com ________________________________________ Von: DTaylor [[email protected]] Gesendet: Mittwoch, 18. Januar 2012 20:14 Bis: [email protected] Betreff: Re: AW: Multiple STS Authentication and Authorization Hi Oli, Thanks for your response. The item you specified with your JIRA issue CXF-3520 is pretty much the exact scenario we will require for future service implementations. Is there a way to do the work described in CXF-3520 manually and (relatively) easily using the STSClient class, or is it more a matter of constructing our own request to the second STS at the moment? Also, the ClaimsSecurityContext enhancement would also be of great help to us as well with future plans. Thanks again, Dan. -- View this message in context: http://cxf.547215.n5.nabble.com/Multiple-STS-Authentication-and-Authorization-tp5155338p5155628.html Sent from the cxf-user mailing list archive at Nabble.com.
