cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <>
Subject Re: Reusing SAML Token issue/renew functionality in JAX-RS
Date Mon, 26 Jan 2015 10:50:43 GMT
Hi Andriy

I've looked at IssuedTokenInterceptorProvider, I'm not sure how much 
self-contained code we can reuse from that interceptor.

How would a JAXRS client interceptor would look like ? I guess it should 
invoke on STSClient and set a SAML assertion on the current message ?

Thanks, Sergey

On 25/01/15 16:52, Andrei Shakirin wrote:
> Hi,
> I am working on scenario, where CXF JAX-RS service requests SAML token from STS.
> Currently is quite easy to validate SAML against STS in JAX-RS Service and issue SAML
internally using SamlCallbackHandler:
> Unfortunately there is no easy way to request SAML from STS for the JAX-RS services:
it is necessary to write own interceptor, configure STS client, implement issue and renew
logic, etc.
>  From my perspective it could make sense to reuse some functionality from IssuedTokenOutInterceptor
for JAX-RS services as well. In this case it would be necessary to extract some IssuedTokenOutInterceptor
code into appropriate utility methods (STSUtils ?) and make it independent from WS-Policy
stuff. After that we can add new interceptor for JAX-RS services reusing code in utility module.
> Any thoughts and objections?
> Regards,
> Andrei.

View raw message