Return-Path: 
 <users-return-20232-apmail-cxf-users-archive=cxf.apache.org@cxf.apache.org>
Delivered-To: apmail-cxf-users-archive@www.apache.org
Received: (qmail 12333 invoked from network); 4 Feb 2010 21:57:01 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 4 Feb 2010 21:57:00 -0000
Received: (qmail 9600 invoked by uid 500); 4 Feb 2010 21:57:00 -0000
Delivered-To: apmail-cxf-users-archive@cxf.apache.org
Received: (qmail 9514 invoked by uid 500); 4 Feb 2010 21:57:00 -0000
Mailing-List: contact users-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cxf.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cxf.apache.org>
List-Post: <mailto:users@cxf.apache.org>
List-Id: <users.cxf.apache.org>
Reply-To: users@cxf.apache.org
Delivered-To: mailing list users@cxf.apache.org
Received: (qmail 9504 invoked by uid 99); 4 Feb 2010 21:57:00 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Feb 2010 21:57:00 +0000
X-ASF-Spam-Status: No, hits=1.2 required=10.0
	tests=SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
Received: from [66.207.172.168] (HELO server.dankulp.com) (66.207.172.168)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Feb 2010 21:56:50 +0000
Received: by server.dankulp.com (Postfix, from userid 5000)
	id 74D0B50700B5; Thu,  4 Feb 2010 16:56:29 -0500 (EST)
X-Spam-Checker-Version: SpamAssassin 3.2.1-gr2 (2007-05-02) on
	server.dankulp.com
X-Spam-Level: 
X-Msg-File: /tmp/mailfilter.xkoKLSkRFi
Received: from dilbert.localnet (c-24-91-141-225.hsd1.ma.comcast.net
 [24.91.141.225])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by server.dankulp.com (Postfix) with ESMTPSA id 9E62D50700B3;
	Thu,  4 Feb 2010 16:56:28 -0500 (EST)
From: Daniel Kulp <dkulp@apache.org>
To: users@cxf.apache.org
Subject: Re: Is it possible to create a STS using CXF?
Date: Thu, 4 Feb 2010 16:56:27 -0500
User-Agent: KMail/1.12.4 (Linux/2.6.32-gentoo; KDE/4.3.5; x86_64; ; )
Cc: marlonguerios <marlon@inohaus.com>
References: <27452207.post@talk.nabble.com>
In-Reply-To: <27452207.post@talk.nabble.com>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201002041656.28114.dkulp@apache.org>
X-Old-Spam-Status: No, score=-3.5 required=3.0 tests=ALL_TRUSTED,AWL,BAYES_00
	autolearn=ham version=3.2.1-gr2

On Thu February 4 2010 9:31:06 am marlonguerios wrote:
> Hi people, I guess the answer for my question is "no", but I would like to
> hear from you if it really isn't possible to create a security token
>  service using CXF and what would be your suggestions for such a project.

Well, I wouldn't say it's impossible.   After all, an STS is pretty much a 
SOAP service.   It's just not an "easy automatic" thing yet.    You probably 
could use a "Provider<Source>" type service to implement the STS.   It 
wouldn't be easy as you would need to deal with the whole soap:body contents, 
but it would work.   CXF could handle all the security stuff (via the security 
policy implementation).   Like I said, not really "ideal".

I honestly haven't had time yet to look at Metro or anything yet to see how 
they do it.  

-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog