cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rebecca Searls (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-5519) Setting SecurityConstants.STS_TOKEN_ACT_AS as CallbackHander requires better documentation.
Date Thu, 23 Jan 2014 21:17:37 GMT
Rebecca Searls created CXF-5519:
-----------------------------------

             Summary: Setting SecurityConstants.STS_TOKEN_ACT_AS as CallbackHander requires
better documentation.
                 Key: CXF-5519
                 URL: https://issues.apache.org/jira/browse/CXF-5519
             Project: CXF
          Issue Type: Improvement
          Components: JAX-RS Security
    Affects Versions: 2.7.8, 3.0.0-milestone1
            Reporter: Rebecca Searls



Using: cxf-tr-ws-security-2.7.8

The current documentation states that SecurityConstants.STS_TOKEN_ACT_AS
declared with "a CallbackHandler object to use to obtain the token"

A very specific CallbackHandler implementation is required.  It MUST be
an implementation that supports processing DelegationCallback as input and
generating a org.w3c.dom.Element.
  
Existing examples are 
    org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler 
    org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler
    

The code in org.apache.cxf.ws.security.trust.AbstractSTSClient requires this.

814     DelegationCallback callback = new DelegationCallback(message);
815     ((CallbackHandler)delegationObject).handle(new Callback[]{callback});
816     return callback.getToken();





--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message