4 Replies Latest reply on Sep 25, 2013 6:08 AM by Radomír Kadlec

    cxfbc:provider looses authenticated principals

    Radomír Kadlec Newbie

      Hello

      it seems, that calling some cxfbc:provider from some compound webservice causes loosing of authenticated principals.

       

      The scenario is:

      1. Request is consumed through cxfbc:consumer.

      2. The user from WS-Security header is authenticated in jaas, the principals are created.

      I can see this principals in the auditing file (user and role principals).

      3. The client calls eip:static-routing-slip pattern, that contains more camel endpoints calls and one cxfbc:provider call between them.

      4. Every endpoint call is audited and the audit file contains all of the principals.

      5. But after returning from the cxfbc:provider the static-routing-slip calls another camel endpoint. In this moments contains the audit file no principals more and the call of the camel endpoint causes an authorisation exception.

       

      Why is it so?

      What can I do to not loose the principals after calling some external webservice through cxfbc:provider?

       

      I use apache-servicemix-4.4.1-fuse-07-11 with osgi deployment.

       

      Thank your

      Radomir Kadlec

       

      Edited by: kadlec on Dec 13, 2012 1:20 PM