cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (CXF-4344) Provide simplifications and shortcuts in CXF STS configuration
Date Wed, 30 May 2012 13:47:23 GMT

     [ https://issues.apache.org/jira/browse/CXF-4344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh reassigned CXF-4344:
----------------------------------------

    Assignee: Colm O hEigeartaigh
    
> Provide simplifications and shortcuts in CXF STS configuration
> --------------------------------------------------------------
>
>                 Key: CXF-4344
>                 URL: https://issues.apache.org/jira/browse/CXF-4344
>             Project: CXF
>          Issue Type: Improvement
>    Affects Versions: 2.6
>            Reporter: Glen Mazza
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>             Fix For: 2.6.2
>
>
> Presently STS configuration in the cxf-servlet.xml file is a bit verbose[1], especially
if one is planning on configuring multiple STS endpoints within the same file.  I would like
to see configuration simplified a bit for those wishing to remain with default/common settings.
  In particular: 
> 1.) In any SecurityTokenServiceProvider instantiation, default the values of issueOperation
and validateOperation to org.apache.cxf.sts.operation.TokenIssueOperation and
> org.apache.cxf.sts.operation.TokenValidateOperation if not explicitly specified (same
for the other operations). If concerned about hardwiring constant classes in such a manner,
create a DefaultSecurityTokenServiceProvider with these defaults that people can use instead.
> 2.) Provide properties "stsProperties" and "services" for the SecurityTokenServiceProvider
(perhaps other properties defined
> in AbstractOperation) that will be the default for AbstractOperation subclasses like
TokenIssueOperation and TokenValidateOperation unless explicitly defined as done presently.
> 3.) For TokenIssueOperation and TokenValidateOperation, default the values of tokenProviders
and tokenValidators to SAMLTokenProvider and SAMLTokenValidator unless explicitly defined
as done presently.
> Such shortcuts will allow configuration to simplified from this:
> <bean id="x509STSProviderBean"
>         class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
> <property name="issueOperation" ref="x509IssueDelegate" />
> <property name="validateOperation" ref="x509ValidateDelegate" />
> </bean>
> <bean id="x509IssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
> <property name="tokenProviders" ref="x509SamlTokenProvider" />
> <property name="services" ref="x509Service" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> <bean id="x509ValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
> <property name="tokenValidators" ref="x509SamlTokenValidator" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> <bean id="x509SamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider"/>
> <bean id="x509SamlTokenValidator"
>         class="org.apache.cxf.sts.token.validator.SAMLTokenValidator"/>
> to this:
> <bean id="x509STSProviderBean"
>         class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
> <property name="services" ref="x509Service" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> These changes can probably all be done in a backwards-compatible manner so it wouldn't
be necessary to wait for CXF 2.7 before implementing.
> [1] http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml?revision=1190520&view=markup


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message