cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Honey Goyal <er.honey2...@gmail.com>
Subject RE: Secure CXF rsServer with Jaas authentication
Date Fri, 11 Apr 2014 11:24:05 GMT
Thanks for response. Yeah read jaxrs Oauth2 documentation. It is really
what i need :)
On Apr 10, 2014 11:44 PM, "Andrei Shakirin [via CXF]" <
ml-node+s547215n5742669h83@n5.nabble.com> wrote:

> Hi,
>
> I am redirecting the question into user list, if you don't mind.
>
> I think OAuth 2.0 client credentials could be elegant solution for this
> case (https://cxf.apache.org/docs/jax-rs-oauth2.html).
> You will be able to authenticate client first time with HTTP basic
> credentials against OAuth Authentication Service (authentication can be
> JAAS based) and issue AccessToken (and RefreshToken).
> For further call Resource Service will validate AccessToken and you don't
> need to send HTTP basic credentials anymore.
>
> Second option is using SAML authentication token and STS with JAAS
> extension, but this is more involved (
> https://cxf.apache.org/docs/jax-rs-saml.html ).
>
> Does it make sense for you?
>
> Regards,
> Andrei.
>
> > -----Original Message-----
> > From: Honey Goyal [mailto:[hidden email]<http://user/SendEmail.jtp?type=node&node=5742669&i=0>]
>
> > Sent: Donnerstag, 10. April 2014 10:06
> > To: [hidden email]<http://user/SendEmail.jtp?type=node&node=5742669&i=1>
> > Subject: Secure CXF rsServer with Jaas authentication
> >
> > Hi,
> >
> > I am newbie to CXF. I have configured CXF JAASAuthenticationFilter to
> > authenticate by jaas realm to each rest call. But each time i had to
> pass Basic
> > Authenticate header to authenticate it. Can i configure any token based
> login
> > along with JAAS? So that only first time it authenticate with jaas and
> return any
> > auth token. Next time only i need that auth token to make call from
> client side.
> >
> > This is my working blueprint
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> > <blueprint
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
> >     xmlns:camel="http://camel.apache.org/schema/blueprint"
> >     xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
> >     xmlns:cm="
> http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
> >     xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs"
> >     xsi:schemaLocation="
> > http://www.osgi.org/xmlns/blueprint/v1.0.0
> > http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
> > http://camel.apache.org/schema/blueprint/cxf
> > http://camel.apache.org/schema/blueprint/cxf/camel-cxf.xsd
> > http://cxf.apache.org/blueprint/jaxrs
> > http://cxf.apache.org/schemas/blueprint/jaxrs.xsd
> > http://camel.apache.org/schema/blueprint
> > http://camel.apache.org/schema/blueprint/camel-blueprint.xsd" >
> >
> > <cm:property-placeholder persistent-id="com.xxxx.cp.securitytoken">
> >            <cm:default-properties>
> >               <cm:property name="myapp.api.url"
> > value="http://localhost:80/v1" />
> >            </cm:default-properties>
> >         </cm:property-placeholder>
> >
> >       <cxf:rsServer id="rsServer" address="/security"
> > serviceClass="com.xxxx.cp.securitytoken.SecurityTokenServiceImpl">
> >    <cxf:providers>
> >       <ref component-id="authorizationFilter"/>
> >    </cxf:providers>
> >      </cxf:rsServer>
> >
> >         < bean id="authorizationFilter"
> > class="org.apache.cxf.jaxrs.security.JAASAuthenticationFilter">
> >               Name of the JAAS Context
> >               <property name="contextName" value="myRealm"/>
> >         </bean>
> >
> >   <camelContext xmlns="http://camel.apache.org/schema/blueprint"
> > id="security">
> >       <route>
> > <from uri="cxfrs://bean://rsServer"/>
> > <to uri="{{myapp.api.url}}?bridgeEndpoint=true" />
> >       </route>
> >   </camelContext>
> >
> > </blueprint>
> >
> >
> >
> > --
> > View this message in context:
> http://cxf.547215.n5.nabble.com/Secure-CXF-
> > rsServer-with-Jaas-authentication-tp5742659.html
> > Sent from the cxf-dev mailing list archive at Nabble.com.
>
>
> ------------------------------
>  If you reply to this email, your message will be added to the discussion
> below:
>
> http://cxf.547215.n5.nabble.com/Secure-CXF-rsServer-with-Jaas-authentication-tp5742659p5742669.html
>  To unsubscribe from Secure CXF rsServer with Jaas authentication, click
> here<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=5742659&code=ZXIuaG9uZXkyMDEyQGdtYWlsLmNvbXw1NzQyNjU5fC0xOTIzNzA4OTQ=>
> .
> NAML<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>




--
View this message in context: http://cxf.547215.n5.nabble.com/Secure-CXF-rsServer-with-Jaas-authentication-tp5742659p5742697.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Mime
View raw message