cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r852258 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-oauth2.html docs/jaxrs-oauth2-assertions.html
Date Wed, 27 Feb 2013 17:48:28 GMT
Author: buildbot
Date: Wed Feb 27 17:48:28 2013
New Revision: 852258

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/jax-rs-oauth2.html
    websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/jax-rs-oauth2.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-oauth2.html (original)
+++ websites/production/cxf/content/docs/jax-rs-oauth2.html Wed Feb 27 17:48:28 2013
@@ -125,7 +125,7 @@ Apache CXF -- JAX-RS OAuth2
 
 
 <div>
-<ul><li><a shape="rect" href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 Servers</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AuthorizationService">Authorization Service</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-EndUserNameinAuthorizationForm">EndUser Name in Authorization
Form</a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-AccessTokenService">AccessTokenService</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AccessTokenTypes">Access Token Types</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-Bearer">Bearer</a></li><li><a shape="rect"
href="#JAX-RSOAuth2-MAC">MAC</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Assertions">Assertions</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-CustomandEncryptedtokens">Custom and Encrypted tokens</a></li></ul><li><a
shape="rect" href="#
 JAX-RSOAuth2-AccessTokenValidationService">AccessTokenValidationService</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-SupportedGrants">Supported Grants</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AuthorizationCode">Authorization Code</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-Implicit">Implicit</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-ClientCredentials">Client Credentials</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-ResourceOwnerPasswordCredentials">Resource Owner Password
Credentials</a></li><li><a shape="rect" href="#JAX-RSOAuth2-RefreshToken">Refresh
Token</a></li><li><a shape="rect" href="#JAX-RSOAuth2-CustomGrants">Custom
Grants</a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-PreAuthorizedaccesstokens">PreAuthorized
access tokens</a></li><li><a shape="rect" href="#JAX-RSOAuth2-WritingOAuthDataProvider">Writing
OAuthDataProvider</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuthServerJAXRSendpoints">OAuth
Server JAX-RS endpoints</a><
 /li></ul><li><a shape="rect" href="#JAX-RSOAuth2-ThirdPartyClientAuthentication">Third
Party Client Authentication</a></li><li><a shape="rect" href="#JAX-RSOAuth2-UserSessionAuthenticity">User
Session Authenticity</a></li><li><a shape="rect" href="#JAX-RSOAuth2-CustomizingEndUserSubjectinitialization">Customizing
End User Subject initialization</a></li><li><a shape="rect" href="#JAX-RSOAuth2-ProtectingresourceswithOAuthfilters">Protecting
resources with OAuth filters</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Howtogettheuserloginname">How
to get the user login name</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Clientsidesupport">Client-side
support</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuth2withouttheExplicitAuthorization">OAuth2
without the Explicit Authorization</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuthWithoutaBrowser">OAuth
Without a Browser</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Reportingerrordetails">Reporting
error details</a></li
 ><li><a shape="rect" href="#JAX-RSOAuth2-Designconsiderations">Design considerations</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-ControllingtheAccesstoResourceServer">Controlling the
Access to Resource Server</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-Sharingthesameaccesspathbetweenendusersandclients">Sharing
the same access path between end users and clients</a></li><li><a shape="rect"
href="#JAX-RSOAuth2-Providingdifferentaccesspointstoendusersandclients">Providing different
access points to end users and clients</a></li></ul><li><a shape="rect"
href="#JAX-RSOAuth2-SingleSignOn">Single Sign On</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-WhatIsNext">What Is Next</a></li></ul></div>
+<ul><li><a shape="rect" href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 Servers</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AuthorizationService">Authorization Service</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-EndUserNameinAuthorizationForm">EndUser Name in Authorization
Form</a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-AccessTokenService">AccessTokenService</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AccessTokenTypes">Access Token Types</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-Bearer">Bearer</a></li><li><a shape="rect"
href="#JAX-RSOAuth2-MAC">MAC</a></li><li><a shape="rect" href="#JAX-RSOAuth2-CustomandEncryptedtokens">Custom
and Encrypted tokens</a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-AccessTokenValidationService">AccessTokenValidationService
 </a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-SupportedGrants">Supported
Grants</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-AuthorizationCode">Authorization
Code</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Implicit">Implicit</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-ClientCredentials">Client Credentials</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-ResourceOwnerPasswordCredentials">Resource Owner Password
Credentials</a></li><li><a shape="rect" href="#JAX-RSOAuth2-RefreshToken">Refresh
Token</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-Assertions">Assertions</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-CustomGrants">Custom Grants</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-PreAuthorizedaccesstokens">PreAuthorized access tokens</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-WritingOAuthDataProvider">Writing OAuthDataProvider</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-OAuthServerJAXRSendpoints">OAuth Server JAX-RS endpo
 ints</a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-ThirdPartyClientAuthentication">Third
Party Client Authentication</a></li><li><a shape="rect" href="#JAX-RSOAuth2-UserSessionAuthenticity">User
Session Authenticity</a></li><li><a shape="rect" href="#JAX-RSOAuth2-CustomizingEndUserSubjectinitialization">Customizing
End User Subject initialization</a></li><li><a shape="rect" href="#JAX-RSOAuth2-ProtectingresourceswithOAuthfilters">Protecting
resources with OAuth filters</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Howtogettheuserloginname">How
to get the user login name</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Clientsidesupport">Client-side
support</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuth2withouttheExplicitAuthorization">OAuth2
without the Explicit Authorization</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuthWithoutaBrowser">OAuth
Without a Browser</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Reportingerrordetails">Reporting
error detail
 s</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Designconsiderations">Design
considerations</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-ControllingtheAccesstoResourceServer">Controlling
the Access to Resource Server</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-Sharingthesameaccesspathbetweenendusersandclients">Sharing
the same access path between end users and clients</a></li><li><a shape="rect"
href="#JAX-RSOAuth2-Providingdifferentaccesspointstoendusersandclients">Providing different
access points to end users and clients</a></li></ul><li><a shape="rect"
href="#JAX-RSOAuth2-SingleSignOn">Single Sign On</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-WhatIsNext">What Is Next</a></li></ul></div>
 
 <h1><a shape="rect" name="JAX-RSOAuth2-Introduction"></a>Introduction</h1>
 
@@ -503,12 +503,6 @@ Authorization: MAC id=<span class="code-
 
 <p>where 'ts' attribute is used to pass a timestamp value.</p>
 
-<h4><a shape="rect" name="JAX-RSOAuth2-Assertions"></a>Assertions</h4>
-
-<p>SAML2 Bearer and JWT assertions can be used as token grants. </p>
-
-<p>Please see <a shape="rect" href="jaxrs-oauth2-assertions.html" title="JAXRS OAuth2
Assertions">JAXRS OAuth2 Assertions</a> section for more information.</p>
-
 <h4><a shape="rect" name="JAX-RSOAuth2-CustomandEncryptedtokens"></a>Custom
and Encrypted tokens</h4>
 
 <p>If needed, users can use their own custom token types, with the only restriction
that the custom token type implementations have to extend org.apache.cxf.rs.security.oauth2.common.ServerAccessToken.
</p>
@@ -564,6 +558,12 @@ The simplest approach is to register a C
 
 <p>CXF-based clients can use a helper <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java">RefreshTokenGrant</a>
bean to request a new access token with OAuthClientUtils.</p>
 
+<h4><a shape="rect" name="JAX-RSOAuth2-Assertions"></a>Assertions</h4>
+
+<p>SAML2 Bearer and JWT assertions can be used as token grants. </p>
+
+<p>Please see <a shape="rect" href="jaxrs-oauth2-assertions.html" title="JAXRS OAuth2
Assertions">JAXRS OAuth2 Assertions</a> section for more information.</p>
+
 
 <h3><a shape="rect" name="JAX-RSOAuth2-CustomGrants"></a>Custom Grants</h3>
 

Modified: websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html
==============================================================================
--- websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html (original)
+++ websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html Wed Feb 27 17:48:28
2013
@@ -141,6 +141,26 @@ with OAuth 2.0" and <a shape="rect" clas
 <h1><a shape="rect" name="JAXRSOAuth2Assertions-SAML2Bearer"></a>SAML2
Bearer</h1>
 
 <h2><a shape="rect" name="JAXRSOAuth2Assertions-AccessTokenGrant"></a>Access
Token Grant</h2>
+
+<p><a shape="rect" class="external-link" href="http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-15#section-2.1"
rel="nofollow">This section</a> explains how SAML2 Bearer assertions can be used
as token grants. The value of grant_type parameter is "urn:ietf:params:oauth:grant-type:saml2-bearer".</p>
+
+
+<p>It is really just another grant type, but whose actual value is a SAML assertion.
The specification provides an <a shape="rect" class="external-link" href="http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-15#section-4"
rel="nofollow">example</a> of how such an assertion may look like.</p>
+
+<p>The additional restriction is that the assertions have to be encoded using Base64Url
encoding. <br clear="none">
+Here is how a request may look like:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-java">
+POST /token HTTP/1.1
+Content-Type: application/x-www-form-urlencoded
+
+grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Asaml2-bearer&amp;
+assertion=Base64UrlEncoded-SAML2-Bearer-Assertion
+</pre>
+</div></div>
+
+
 <h2><a shape="rect" name="JAXRSOAuth2Assertions-AuthenticationToken"></a>Authentication
Token</h2></div>
            </div>
            <!-- Content -->



Mime
View raw message