cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <>
Subject Re: Where do all these API keys come from? :-)
Date Mon, 15 Oct 2012 08:59:48 GMT
On 12/10/12 17:19, Benson Margulies wrote:
> If I've read the documentation of one web service with an 'api key',
> I've read 25. They are all so similar so as to suggest a common
> implementation. But a certain amount of googling was unrewarding,
> since all I get is pages describing particular APIs.
> Does any reader here happen to know if there's a common, open source,
> implementation to authn via these long-lived tokens? Or is each of
> these services got an independent implementation?
Is it WS or RS service ? For RS it seems that OAuth may fit, the token 
presumably has been obtained out of band. The life-span of tokens can 
also be controlled (by expiring + refreshing, and revoking). Same can be 
done for WS - we should probably introduce an oauth2-ws module and start 
with supporting a bearer token passed as a WS-SEC binary token


View raw message