cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <>
Subject Re: JAX-RS Client to handle SAML (+OAuth2) in SSO
Date Tue, 04 Nov 2014 22:14:25 GMT
On 04/11/14 18:09, rareddy wrote:
> Hi,
> I have a third party JAX-RS service that is secured through SAML,  I am
> trying to access this service through my java application. I have access to
> currently logged-in user's Subject. I am kind drawing blank on how I need to
> proceed. Should I build  a SAMLRequest envelope and send to the service?
> Obviously for me call back and human interaction with web-page is not
> possible. So, I thought I might need to have SAMLResponse to go along with
> my request based on Subject?
How exactly is that 3rd party service secured with SAML - does it expect 
an encoded SAML token in the header for example ?

Have a look at this example:

Given a Subject you can configure WebClient to produce a SAML token.
In that example, (in 
systests/rs-security) would affect the way the assertion is built, in 
your case it can use the Subject properties to set the SAML assertion's 
Subject properties

> With OAuth2, same scenario, but I am trying to access SalesForce. I need to
> follow SAML2 Bearer as defined here
> but not sure how I
> can get my hands on SAML Token?
It is quite similar, for example, see

Again, the callback can use the Subject properties to set the SAML 
assertion's Subject properties

> I think I need a service, given Subject will provide me back with SAML
> token, but I would to delegate this responsibility to an IDP to do the task.
> Can somebody explain what may be the right flow of actions, and/or point me
> to any examples?

Try experimenting with the linked to code and let me know how it goes
Cheers, Sergey
> Thanks
> Ramesh..
> --
> View this message in context:
> Sent from the cxf-user mailing list archive at

Sergey Beryozkin

Talend Community Coders


View raw message