cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nicolasduminil <nicolas.dumi...@simplex-software.fr>
Subject Re: Using OAuth 1.0a with JAX-RS CXF
Date Fri, 02 Jun 2017 07:28:32 GMT
Hi Srgey,

Thanks for your help. The 1-leg flow, as far as I understood, consists in
the fact that client doesn’t have to ask for tokens (neither request nor
access tokens) before accessing protected ressource. Here is an image
showing the flow (well, if I succeed to insert it):

<http://cxf.547215.n5.nabble.com/file/n5780904/687474703a2f2f7075752e73682f32706530372e706e67.png>


So, yes, my task would be to provide the client code able to access
resources protected by this security algorithm. I had a look at the
OAuthClientUtils and if it allows me to construt the Authorization header
with all its bits and bolts, it's already something.

Otherwise it seems that Spring Security would support it also but I'm afraid
that using Spring Security means using Spring REST as well, which we don't
want.

Kind regards,
Nicolas



--
View this message in context: http://cxf.547215.n5.nabble.com/Using-OAuth-1-0a-with-JAX-RS-CXF-tp5780889p5780904.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message