cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Shakirin <>
Subject Reusing SAML Token issue/renew functionality in JAX-RS
Date Sun, 25 Jan 2015 16:52:49 GMT

I am working on scenario, where CXF JAX-RS service requests SAML token from STS.
Currently is quite easy to validate SAML against STS in JAX-RS Service and issue SAML internally
using SamlCallbackHandler:
Unfortunately there is no easy way to request SAML from STS for the JAX-RS services: it is
necessary to write own interceptor, configure STS client, implement issue and renew logic,

>From my perspective it could make sense to reuse some functionality from IssuedTokenOutInterceptor
for JAX-RS services as well. In this case it would be necessary to extract some IssuedTokenOutInterceptor
code into appropriate utility methods (STSUtils ?) and make it independent from WS-Policy
stuff. After that we can add new interceptor for JAX-RS services reusing code in utility module.

Any thoughts and objections?


View raw message