You could do something similar to what the STS does in analysing WS-Security results:
final List<WSHandlerResult> handlerResults = CastUtils.cast((List<?>) messageContext.get(WSHandlerConstants.RECV_RESULTS)); if (handlerResults != null && handlerResults.size() > 0) { WSHandlerResult handlerResult = handlerResults.get(0); List<WSSecurityEngineResult> engineResults = handlerResult.getResults(); for (WSSecurityEngineResult engineResult : engineResults) { // etc. https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java;hb=HEAD Colm. On Wed, Jul 9, 2014 at 6:52 PM, dhogan <dirk.ho...@forgerock.com> wrote: > I would like the AuthnStatement of an issued SAML2 assertion to contain an > AuthNContextClassRef which reflects the SupportingToken specified in the > SecurityPolicy binding protecting the STS Issue operation. So I am > wondering > how I could access the SupportingToken state from within my TokenProvider. > I > was thinking something along the lines of: > PhaseInterceptorChain.getCurrentMessage().get(Message.IN_INTERCEPTORS) > And then running through the interceptors to get the associated handlers, > with the aim of getting at the WSSecurityTokenHolder. > > But is nothing more than a (poorly) educated guess. I am hoping for some > guidance... > > Thanks > > Dirk > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Accessing-SecurityPolicy-SupportingToken-in-STS-TokenProvider-tp5746242.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com