Hi, Yes I suppose all of the STS Validators should set the Message Context on the RequestData object. Could you submit a patch?
Colm. On Fri, Dec 13, 2013 at 4:06 PM, dhogan <[email protected]> wrote: > I am running version 2.7.2 of org.apache.cxf.services.sts. I am plugging a > org.apache.ws.security.validate.UsernameTokenValidator subclass as the > Validator in the org.apache.cxf.sts.token.validator.UsernameTokenValidator > class. I was hoping to store some state generated in my > org.apache.ws.security.validate.UsernameTokenValidator instance in the > ServletRequest, which I hoped to pull out of the RequestData instance > passed > to the > > org.apache.ws.security.validate.UsernameTokenValidator.verifyPlaintextPassword(UsernameToken,RequestData) > method via the getMsgContext() method in the RequestData class. Yet > getMsgContext() always returns null. I notice that the > org.apache.cxf.sts.token.validator.UsernameTokenValidator does not populate > this field by using the getWebServiceContext().getMessageContext() calls on > the TokenValidatorParameters instance passed to validateToken method. I > noticed that the SAMLTokenValidator does not do this either. Is this a bug > (for which I could submit a patch?), or am I missing something? > > The PhaseInterceptorChain.getCurrentMessage() work-around works. > > Dirk > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/UsernameTokenValidator-tp5707938p5737823.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
