Hello,
I am using the "SAMLTokenUnsigned" profile in the WSS4J implementation. I have
my own policy enforcement engine that converts the SAML request to XACML
request and then runs it through the XACML PDP and PEP engines. The policy
enforcement engine is responsible for enforcing the access rules to the
resource requested.
I was wondering if after processing the security header in WSS4J the
SAMLAssertion instance could be added to the MessageContext object so that
other handlers in the chain could access that SAMLAssertion and run it
through the policy engine that I have designed.
Currently, the WSS4J code only seems to verify the signature and trust for
the Assertion and then puts the assertion in the wsResults vector. But once
the processing is done in doReciever() the assertion cannot be accessed
from other handlers.
I was wondering if someone could help me over here. I am ready to work out
the patch, please let me know.
Thanks,
Ashok.