cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From geecxf <>
Subject Re: SAML metadata
Date Fri, 08 Mar 2013 01:36:08 GMT
I'll be sure to share whatever I learn if we are tasked to implement this
kind of functionality. So far our product owners are saying this is not
strictly necessary but that could change.

Regarding OAuth, the last time I read the specification it was essentially
token agnostic. Other than the fact that the token should be compact so that
you can pass it in redirects and headers, the specification really says
nothing about what token format to use. I think JWT is what most people are
using but I've also seen implementations that return SAML assertions. MS
also has a Simple Web Token (SWT) format which is a basically JWT light. But
I digress.

View this message in context:
Sent from the cxf-user mailing list archive at

View raw message