Hello,
I have an existing web service that has some simple security policy defined in the WSDL, where it expects a number of claims to come through from LDAP. That's all working fine, but I'd like to pass those claims to a XACML PDP and not try to make the decision there in the WSDL. I see some pieces of support for requests to a XACML PDP from a CXF web service (CXF-4657) and I have looked at some of the source in systests and in the org.apache.cxf.rt.security.xacml package. So I have a general understanding of what is there, and the systests show how the messages flow. What I'm missing is how to tie all this into a web service through WSDL and/or config xml files. Is there any doc or example of that? Can I do the XACML request initiation and decision consumption from within the WSDL? Or do I need custom interceptors? Thanks, - Gavin ------------------- Gavin J. Sutcliffe
