cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Wulff <owu...@talend.com>
Subject REST security enhancements
Date Wed, 05 Feb 2014 19:56:30 GMT
Hi there

For the REST services of the Fediz IDP I'd like to support initially three security use cases.

1) Basic Authentication, Username/Password validated against the STS
2) Basic Authentication, Username/Password validated with JAAS
3) SAML token in Basic Authorization header

In CXF 3.0, each REST security interceptor enforces the security credentials it supports.
Therefore, you can't just configure all interceptors like:
org.apache.cxf.ws.security.trust.AuthPolicyValidatingInterceptor
org.apache.cxf.rs.security.saml.SamlEnvelopedInHandler
org.apache.cxf.jaxrs.security.JAASAuthenticationFilter

The interceptors should not throw an exception but instead assert the token (similar the policy)
and finally an interceptor checks whether one token was provided and successfully validated.

Other ideas?

Thanks
Oli




------

Oliver Wulff

Blog: http://owulff.blogspot.com<http://owulff.blogspot.com/>
Solution Architect
http://coders.talend.com

<http://coders.talend.com>Talend Application Integration Division http://www.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message