Steven Tippetts created CXF-4666:
------------------------------------
Summary: [OAuth2] securityContext problem on createSubject
Key: CXF-4666
URL: https://issues.apache.org/jira/browse/CXF-4666
Project: CXF
Issue Type: Bug
Components: JAX-RS Security
Affects Versions: 2.7.0
Reporter: Steven Tippetts
This is probably just ignorance on my part, but when I override the
createSubject method in the RedirecationBasedGrantService.java file, the
securityContext parameter that is passed in is of type
AbstractHTTPDestination$2. This parameter contains my authentication token, but
I don't know how to get at it, so I'm having to go to the SecurityContextHolder
to get the context instead of just using the parameter.
I'm just using standard Spring authentication, so it seems like many other
people would also have AbstractHTTPDestination$2 as the security type, which
causes roles to be missed in the OAuthUtils.createSubject method.
I'm sure I missed some details so please let know your questions and thanks for
your help.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
