cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis Kieselhorst (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-7137) Allow OAuth2 customization via Swagger2Feature
Date Mon, 20 Feb 2017 12:26:44 GMT

    [ https://issues.apache.org/jira/browse/CXF-7137?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15874457#comment-15874457
] 

Dennis Kieselhorst commented on CXF-7137:
-----------------------------------------

It makes a difference. The reason for that is Swagger's BaseApiListingResource. It creates
a new Swagger instance and only the attributes from BeanConfig are taken into account. The
security features are lost as they are not part of it.

Just debug the modified testcase from my PR and you'll see it.

> Allow OAuth2 customization via Swagger2Feature
> ----------------------------------------------
>
>                 Key: CXF-7137
>                 URL: https://issues.apache.org/jira/browse/CXF-7137
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS
>    Affects Versions: 3.1.8
>            Reporter: Alexander K.
>            Assignee: Sergey Beryozkin
>             Fix For: 3.2.0, 3.1.9
>
>
> It seems that there is no way to customize initOAuth() details like clientId, clientSecret,
realm, appName, etc. for SwaggerUI-OAuth integration. This will allow Swagger-UI authorization
for protected CXF REST services by an authorization server such as Keycloak.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message