cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Glen Mazza (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-4344) Provide simplifications and shortcuts in CXF STS configuration
Date Mon, 28 May 2012 15:01:25 GMT
Glen Mazza created CXF-4344:
-------------------------------

             Summary: Provide simplifications and shortcuts in CXF STS configuration
                 Key: CXF-4344
                 URL: https://issues.apache.org/jira/browse/CXF-4344
             Project: CXF
          Issue Type: Improvement
    Affects Versions: 2.6
            Reporter: Glen Mazza
            Priority: Minor
             Fix For: 2.6.1


Presently STS configuration in the cxf-servlet.xml file is a bit verbose[1], especially if
one is planning on configuring multiple STS endpoints within the same file.  I would like
to see configuration simplified a bit for those wishing to remain with default/common settings.
  In particular: 

1.) In any SecurityTokenServiceProvider instantiation, default the values of issueOperation
and validateOperation to org.apache.cxf.sts.operation.TokenIssueOperation and
org.apache.cxf.sts.operation.TokenValidateOperation if not explicitly specified (same for
the other operations). If concerned about hardwiring constant classes in such a manner, create
a DefaultSecurityTokenServiceProvider with these defaults that people can use instead.

2.) Provide properties "stsProperties" and "services" for the SecurityTokenServiceProvider
(perhaps other properties defined
in AbstractOperation) that will be the default for AbstractOperation subclasses like TokenIssueOperation
and TokenValidateOperation unless explicitly defined as done presently.

3.) For TokenIssueOperation and TokenValidateOperation, default the values of tokenProviders
and tokenValidators to SAMLTokenProvider and SAMLTokenValidator unless explicitly defined
as done presently.

Such shortcuts will allow configuration to simplified from this:

<bean id="x509STSProviderBean"
        class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
<property name="issueOperation" ref="x509IssueDelegate" />
<property name="validateOperation" ref="x509ValidateDelegate" />
</bean>

<bean id="x509IssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
<property name="tokenProviders" ref="x509SamlTokenProvider" />
<property name="services" ref="x509Service" />
<property name="stsProperties" ref="x509STSProperties" />
</bean>

<bean id="x509ValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
<property name="tokenValidators" ref="x509SamlTokenValidator" />
<property name="stsProperties" ref="x509STSProperties" />
</bean>

<bean id="x509SamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider"/>

<bean id="x509SamlTokenValidator"
        class="org.apache.cxf.sts.token.validator.SAMLTokenValidator"/>

to this:

<bean id="x509STSProviderBean"
        class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
<property name="services" ref="x509Service" />
<property name="stsProperties" ref="x509STSProperties" />
</bean>

These changes can probably all be done in a backwards-compatible manner so it wouldn't be
necessary to wait for CXF 2.7 before implementing.

[1] http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml?revision=1190520&view=markup


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message