cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-3733) Introduce rt/rs/security/xml module
Date Thu, 11 Aug 2011 09:44:27 GMT

    [ https://issues.apache.org/jira/browse/CXF-3733?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13083038#comment-13083038
] 

Sergey Beryozkin commented on CXF-3733:
---------------------------------------

wss4j dependency will be needed - I think this is OK given that WSS4J has a lot of fine code
to do with all sort of subtle security issues - so reusing some of that code when possible
in context of non-SOAP requests seems perfectly ok to me

> Introduce rt/rs/security/xml module
> -----------------------------------
>
>                 Key: CXF-3733
>                 URL: https://issues.apache.org/jira/browse/CXF-3733
>             Project: CXF
>          Issue Type: Task
>          Components: JAX-RS
>    Affects Versions: 2.5
>            Reporter: Sergey Beryozkin
>            Assignee: Sergey Beryozkin
>             Fix For: 2.5
>
>
> rt/rs/security/xml module should host the code to do with XML security: signature and
encryption.
> it may also host SAML related code simply because SAML assertions are in XML format and
they can have XML signatures and
> in principle - encrypted as part of XML payload.
> the idea of using rt/rs/security/*xml* is also about adding in due time support for non-XML
security, ex, smime, some OAuth and OpendId helpers, Salmon (?), CAS, etc - the list is quite
open ended

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message