Hi Andrei, The WSS4jOutInterceptorInternal is a package protected class. I made the PlaceHolderInterceptor so that I could explicitly say addAfter(WSS4JOutInterceptorInternal), and then have my real interceptor go after the PlaceHolderInterceptor (basically a quick and dirty test).
According to the iterator over the interceptor chain, my real interceptor is about 4 interceptors after the WSS4JOutInterceptor and it is in the POST_PROTOCOL phase. I am unable to acquire the security context at this point. I am relatively sure the SAML token was successfully received and accepted by my client, based upon if I modify the STS to not return one of the claims I am making, the Service rejects the interaction from the client entirely due to the claim not being present and not being optional. There are no errors or warnings in my server STS logs and I get no errors or exceptions on the client side. Adding logging to the interceptor I'm writing in the handleMessage method: My Phase: post-protocol this.getBefore() returns: this.getAfter() returns: Interceptor: org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor.PolicyBasedWSS4JOutInterceptorInternal Interceptor: org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.WSS4JOutInterceptorInternal -- View this message in context: http://cxf.547215.n5.nabble.com/Accessing-Claims-in-a-client-tp5698187p5704049.html Sent from the cxf-user mailing list archive at Nabble.com.
