Re: Accessing FederationPrincipal from a Filter in Fediz Plugin

Wed, 12 Sep 2012 08:25:57 -0700 

I believe this is to be done at CXF endpoint level.
We have authorizing interceptors which can use SAML assertions and claims to get users authorized. This is supported for JAX-RS but the interceptors have been moved to a common module for WS-based endpoint to use them too, it is not there yet but will be in time 

Sergey
On 12/09/12 16:10, Gina Choi wrote:


In my case, after user is authenticated based on claims in Assertion token,
we make some kind of authorization decision. So, I need to access claims
through FederationPrincipal(the most simpler) or token
SecurityTokenThreadLocal.getToken(). While we have access to
SecurityTokenThreadLocal.getToken() anywhere in our java class,
FederationPrincipal seems have limitation.

1. Is there anyway to access FederationPrincipal anywhere in Java class?
2. If not, I have to think of following solution.

     Element token = SecurityTokenThreadLocal.getToken();
     AssertionWrapper assertion = new AssertionWrapper(token);

But second line give me trouble. I am working on a time critical production
integration. I am very much appreciate any ideas.

javax.servlet.ServletException: An error occurred:
org.opensaml.samlext.saml2mdattr.impl.EntityAttributesBuilder cannot be cast
to org.opensaml.xml.XMLObjectBuilder

org.exist.http.urlrewrite.XQueryURLRewrite.doFilter(XQueryURLRewrite.java:374)
        com.sdl.cd.livecontent.sso.LCFilter.doFilter(LCFilter.java:157)

org.apache.cxf.fediz.example.FederationFilter.doFilter(FederationFilter.java:62)

root cause

java.lang.ClassCastException:
org.opensaml.samlext.saml2mdattr.impl.EntityAttributesBuilder cannot be cast
to org.opensaml.xml.XMLObjectBuilder

org.opensaml.xml.XMLConfigurator.initializeObjectProviders(XMLConfigurator.java:235)
        org.opensaml.xml.XMLConfigurator.load(XMLConfigurator.java:181)
        org.opensaml.xml.XMLConfigurator.load(XMLConfigurator.java:165)
        org.opensaml.xml.XMLConfigurator.load(XMLConfigurator.java:142)

org.apache.ws.security.saml.ext.OpenSAMLBootstrap.initializeXMLTooling(OpenSAMLBootstrap.java:99)

org.apache.ws.security.saml.ext.OpenSAMLBootstrap.bootstrap(OpenSAMLBootstrap.java:80)

org.apache.ws.security.saml.ext.OpenSAMLUtil.initSamlEngine(OpenSAMLUtil.java:61)

org.apache.ws.security.saml.ext.AssertionWrapper.<init>(AssertionWrapper.java:155)



--
View this message in context: 
http://cxf.547215.n5.nabble.com/Accessing-FederationPrincipal-from-a-Filter-in-Fediz-Plugin-tp5713804p5713863.html
Sent from the cxf-user mailing list archive at Nabble.com.

























					Reply via email to