cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ponprathip Aasaithambi (UST, IND)" <Ponprathip.Aasaitha...@ust-global.com>
Subject RE: SpnegoContextToken - Security Token support for CXF
Date Thu, 22 Apr 2010 04:34:37 GMT
Hi Daniel,

     I am interested in developing it. Waiting for the pointer to get
started.
Can you also please suggest me what other tokens can be used in the
server side as replacement for SpnegoContextToken?

Note : Based on my available work bandwidth I will take up this task

Regards,
A.Prathip
             

-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org] 
Sent: Wednesday, April 21, 2010 7:24 PM
To: users@cxf.apache.org
Cc: Ponprathip Aasaithambi (UST, IND)
Subject: Re: SpnegoContextToken - Security Token support for CXF

On Wednesday 21 April 2010 7:00:45 am PonPrathip wrote:
>   I am trying to create CXF Standalone client to connect to a
WebService
> (Server) that have SpnegoContextToken as one of its security Policy.
> 
> Please let me know whether CXF API support this Security Token?If
supported
> then please let me know how to implement the CXF client to get access
to
> the server.
> Provided below the security binding information on the server side.

No.   CXF currently does not support SpnegoContextToken.    I'm not
aware of 
any java solution that does support it right now.   I know Metro
doesn't.  
Axis2 doesn't.    I'm pretty sure SpringWS doesn't.   

If you are interested in developing it, I'd be happy to provide pointers
to 
use as starting points.   

Dan

> 
> Please let me know whether CXF supports the below mentioned security
> info.If supports then please let me now how to implement the same
using
> CXF API
> 
> 
> <sp:SymmetricBinding><wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:SpnegoContextToken
> 
>
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
clu
> deToken/AlwaysToRecipient"><wsp:Policy> <sp:RequireDerivedKeys />
> </wsp:Policy>
> </sp:SpnegoContextToken>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256 />
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict />
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp />
> <sp:EncryptSignature />
> <sp:OnlySignEntireHeadersAndBody />
> </wsp:Policy>
> </sp:SymmetricBinding>

-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog

Mime
View raw message