Hi Dan, 1. CXF supports both SAML versions. 2. PlaceHolderInterceptor: addAfter() is not enough. Your interceptor should be in the same phase with WSS4jOutInterceptorInternal (Phase.POST_PROTOCOL) or later for outgoing chain(see http://cxf.apache.org/docs/interceptors.html for details). If you looks into message.getInterceptorChain() you will see all interceptors in processing order for all phases - just control is your interceptor on the right place.
Btw: if PlaceHolderInterceptor is your class, what is the reason to create it into apache package? One more question: are you sure that SAML token was successfully received and accepted by your client? Regards, Andrei. -----Original Message----- From: DTaylor [mailto:[email protected]] Sent: 11 May 2012 16:02 To: [email protected] Subject: RE: Accessing Claims in a client Hi Andrei, I've moved my interceptor into the chain post WSS4JOutInterceptorInternal. I am still receiving null for the security context. Do I need to be using SAML 2 tokens to do this? Or will SAML 1.1 tokens work as well? Also, just to be sure. Our interceptor is located in a com.mycompany.foo package. To add it to the interceptor chain, I created an org.apache.cxf.ws.security.wss4j.PlaceHolderInterceptor which does an "addAfter(WSS4jOutInterceptorInternal.class.getName());" in its constructor, then added my interceptor after the PlaceHolderInterceptor. This should work for the chaining I believe, am I correct? Thanks for your help, Dan. -- View this message in context: http://cxf.547215.n5.nabble.com/Accessing-Claims-in-a-client-tp5698187p5703109.html Sent from the cxf-user mailing list archive at Nabble.com.
