At this point, I just need access to the BST inside the RST and forward it to a certificate issuer so it can issue me a certificate. I also need access to the AdditionalContext inside the RST (My request to the issuer needs to contain both items)
I haven't written the code yet since I didn't get past the BST hurdle, so I don't know how the implementation will go, I am open to any approach. I don't see why it couldn't be a custom tokenprovider, assuming I can hand off both the BST and the additonalcontext. But since the BST and the additionalcontext inside the RST are peers not parent/child, would that work? -- View this message in context: http://cxf.547215.n5.nabble.com/STS-How-to-handle-BinarySecurityToken-when-it-s-not-as-expected-tp5782018p5782271.html Sent from the cxf-user mailing list archive at Nabble.com.
