chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Wulff <>
Subject RE: CXF support as web services stack in opencmis
Date Thu, 21 Mar 2013 20:58:05 GMT
Hi Florian

Thanks for the feedback. CXF supports MTOM and streaming out-of-the-box without any implementation
specific dependencies. I think it should by quite easy to integrate CXF as a web services
stack in chemistry. The security part is then enforced by WS-SecurityPolicies without a lot
of API usage.

I'll give it a try. Would you look into this if I raise a JIRA and apply a patch including
unit testing?

Are there non resolvable issues do improve performance for the Web Services Binding?



Oliver Wulff

From: Florian Müller []
Sent: 21 March 2013 12:38
Cc: Oliver Wulff
Subject: Re: CXF support as web services stack in opencmis

 Hi Oliver,

 There is no active development around CXF support at the moment (see
 [1] why).

 But what you want is a custom authentication provider [2]. The easiest
 way to build one is to copy the standard authentication provider code
 [3] and modify it. We (SAP) have implemented SAML support for our
 infrastructure. So that's doable. WS-Trust STS might be trickier, but
 certainly possible.

 Apart from that, you might want to consider using a different binding.
 The Web Services binding is pretty slow compared to the other two

 - Florian




> Hi there
> I'm looking into the usage of opencmis to interact with a CMS system.
> This worked fine with basic security. Currently, username/password is
> supported with HTTP Basic Authentication or WS-Security
> UsernameToken.
> In our case, the CMIS client is deployed in a web application which
> must sent requests on behalf of the web application user. So far, we
> used SAML and the WS-Trust STS which is supported by Apache CXF.
> I've spotted the following class CXFPortProvider but it is not
> active. Is there any other work ongoing in supporting CXF and any
> other WS-Security tokens?
> Thanks
> Oli
View raw message