cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davide Gesino <>
Subject Re: WS-SX
Date Thu, 10 Jan 2008 13:06:22 GMT

Maybe I am wrong adding my reply here, for I am not a CXF developer but a
user: anyway this thread is really what I was looking for, WS-SX (Trust and
conversation) advanced features.
These features are not present in the JIRA, so I guess these features will
not be in CXF 2.1.
Are these features definitively shifted to future versions? 

Dan Diephouse-2 wrote:
> One of the things on my wishlist for 2.1 is support for WS-SX -
> WS-SecurityPolicy, WS-SecureConversation, and WS-Trust. Its a very
> important feature for a lot of corporations because it enables much
> faster security and it also enables a range of security scenarios which
> weren't possible before. 
> I know I've chatted with Fred a bit about this before, but I'd like to
> bring the discussion to the dev list for a while so we can a) figure
> out the scope of the work b) decide if we can do it for 2.1 and c)
> figure out who's going to do what. Regarding this last point, I will be
> very happy to particpate, but I'm not sure I can do the majority of the
> work. But I can certainly code some and help brainstorm. 
> At a high level I suppose there are several things we need to do: 
>   Build a WS-Trust service for token exchange. At the very least we
> need to be able to create symmetric keys from the asymmetric public
> keys for WS-SecureConversation.
>   WS-SecurityPolicy
>     First we need to start using JAXB catalog files. These files
> allow JAXB to use classes which have already been generated when doing
> xsd2java. In other words, our ws-security module can generate the
> security policy beans and reference the beans in the policy module.
> Whereas right now, the policy beans would be regenerated by JAXB. This
> requires an upgrade to JAXB 2.1 and also it requires use of the
> official/Mojo JAXB plugin instead of our own. Our own plugin is
> architected in such a way that adding this feature isn't really
> possible without a rewrite, which seems like a waste of time. 
>     Which, if not all, policy assertions do we need to support?
>   WS-SecureConversation service and interceptors
>   WS-Security feature for configuration (I heard through the
> grapevine someone may have started on this. Would be interested to see
> what has been done - I really like the way Spring-WS does WS-Security
> configuration so it may be interesting to look into that)
> So with that - anyone else looked into this in more detail? Anyone want
> to help pick up this feature for 2.1? 
> Cheers, 
> - Dan 
> -- 
> Dan Diephouse
> MuleSource
>  | 

View this message in context:
Sent from the cxf-dev mailing list archive at

View raw message