chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Wulff <owu...@talend.com>
Subject RE: CXF support as web services stack in opencmis
Date Thu, 21 Mar 2013 20:58:05 GMT
Hi Florian

Thanks for the feedback. CXF supports MTOM and streaming out-of-the-box without any implementation
specific dependencies. I think it should by quite easy to integrate CXF as a web services
stack in chemistry. The security part is then enforced by WS-SecurityPolicies without a lot
of API usage.

I'll give it a try. Would you look into this if I raise a JIRA and apply a patch including
unit testing?

Are there non resolvable issues do improve performance for the Web Services Binding?

Thanks
Oli



------

Oliver Wulff
Blog: http://owulff.blogspot.com

________________________________________
From: Florian Müller [fmui@apache.org]
Sent: 21 March 2013 12:38
To: dev@chemistry.apache.org
Cc: Oliver Wulff
Subject: Re: CXF support as web services stack in opencmis

 Hi Oliver,

 There is no active development around CXF support at the moment (see
 [1] why).

 But what you want is a custom authentication provider [2]. The easiest
 way to build one is to copy the standard authentication provider code
 [3] and modify it. We (SAP) have implemented SAML support for our
 infrastructure. So that's doable. WS-Trust STS might be trickier, but
 certainly possible.

 Apart from that, you might want to consider using a different binding.
 The Web Services binding is pretty slow compared to the other two
 bindings.


 - Florian


 [1]
 http://mail-archives.apache.org/mod_mbox/chemistry-dev/201206.mbox/%3C4FDF8B71.9020108%40apache.org%3E

 [2]
 http://chemistry.apache.org/java/developing/client/dev-client-bindings.html#OpenCMISClientBindings-CustomAuthenticationProvider

 [3]
 https://svn.apache.org/repos/asf/chemistry/opencmis/trunk/chemistry-opencmis-client/chemistry-opencmis-client-bindings/src/main/java/org/apache/chemistry/opencmis/client/bindings/spi/StandardAuthenticationProvider.java


> Hi there
>
>
>
> I'm looking into the usage of opencmis to interact with a CMS system.
> This worked fine with basic security. Currently, username/password is
> supported with HTTP Basic Authentication or WS-Security
> UsernameToken.
> In our case, the CMIS client is deployed in a web application which
> must sent requests on behalf of the web application user. So far, we
> used SAML and the WS-Trust STS which is supported by Apache CXF.
>
>
>
> I've spotted the following class CXFPortProvider but it is not
> active. Is there any other work ongoing in supporting CXF and any
> other WS-Security tokens?
>
>
>
> Thanks
>
> Oli
Mime
View raw message