cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Shakirin <ashaki...@talend.com>
Subject Reusing SAML Token issue/renew functionality in JAX-RS
Date Sun, 25 Jan 2015 16:52:49 GMT
Hi,

I am working on scenario, where CXF JAX-RS service requests SAML token from STS.
Currently is quite easy to validate SAML against STS in JAX-RS Service and issue SAML internally
using SamlCallbackHandler: http://cxf.apache.org/docs/jax-rs-saml.html.
Unfortunately there is no easy way to request SAML from STS for the JAX-RS services: it is
necessary to write own interceptor, configure STS client, implement issue and renew logic,
etc.

>From my perspective it could make sense to reuse some functionality from IssuedTokenOutInterceptor
for JAX-RS services as well. In this case it would be necessary to extract some IssuedTokenOutInterceptor
code into appropriate utility methods (STSUtils ?) and make it independent from WS-Policy
stuff. After that we can add new interceptor for JAX-RS services reusing code in utility module.

Any thoughts and objections?

Regards,
Andrei.


Mime
View raw message