Now I want to call a StatelessSessionBean from my Webservice(POJO)Endpoint implementation. How can I get the SAML asserted/authenticated principal into the security context of the container, so the the EJB container has the user information from the SAML assertion?
At the moment the webservice implementation has not the right to call a method on an ejb. In "webServiceContext.getUserPrincipal()" I can see the correct user, but this is not transferred in th EJB call.
I think JBossWS-CXF should use a JBoss security-domain to authenticate the SAML token, instead of using the internal CXF logic. Or at least there should be a bridge from the CXF security context to the JBoss security domain, isn't it?