cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-3565) Support pluggable way of configuring WS-Trust ActAs and OnBehalfOf behaviour
Date Wed, 01 Jun 2011 15:34:47 GMT
Support pluggable way of configuring WS-Trust ActAs and OnBehalfOf behaviour
----------------------------------------------------------------------------

                 Key: CXF-3565
                 URL: https://issues.apache.org/jira/browse/CXF-3565
             Project: CXF
          Issue Type: New Feature
          Components: WS-* Components
    Affects Versions: 2.4
            Reporter: Colm O hEigeartaigh
            Assignee: Colm O hEigeartaigh
             Fix For: 2.4.1


CXF-2905 introduced support for the WS-Trust 1.4 ActAs behaviour in CXF. This allows the user
to send a security token as an "ActAs" element in a RequestSecurityToken invocation. This
can be configured in two ways:

 a) As a String directly on the STSClient bean in Spring, e.g. <property name="actAs" value="..."/>
 b) As a String or DOM Element programmatically via the jaxws property SecurityConstants.STS_TOKEN_ACT_AS

CXF 2.4.0 supports the ability to set a security token as an "OnBehalfOf" element directly
on the STSClient, but not provide configuration support. 

There are three goals for this task:

 a) Add the ability to configure OnBehalfOf in the same way as ActAs (String/Element)
 b) Add the ability to also add a CallbackHandler object for either token. This is an alternative
to having to add an interceptor to set the appropriate property.
 c) Add two CallbackHandler implementations which can be used for either ActAs or OnBehalfOf
for common scenarios. The first adds a received security token in the previous message (UsernameToken/SAML
Token/Binary Security Token). The second adds a UsernameToken with no password, where the
username is obtained via the jaxws:property ws-security.username.



--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message