You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Sasi M (JIRA)" <ji...@apache.org> on 2012/07/11 17:50:34 UTC

[jira] [Created] (CXF-4419) Add support for OAuth2 Resource owner password credentials Grant type

Sasi M created CXF-4419:
---------------------------

             Summary: Add support for OAuth2 Resource owner password credentials Grant type
                 Key: CXF-4419
                 URL: https://issues.apache.org/jira/browse/CXF-4419
             Project: CXF
          Issue Type: Improvement
          Components: JAX-RS Security
    Affects Versions: 2.6.1
            Reporter: Sasi M
             Fix For: 2.7.0


CXF currently supports 3 out of 4 grant types specified in the oauth2 draft spec.
Adding support for the Resource owner password credentials grant type will help in seamlesly migrating applications using rest services authenticated via basic auth to oauth2.
Here is the draft spec for the grant type:
http://tools.ietf.org/html/draft-ietf-oauth-v2-27#page-35

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (CXF-4419) Add support for OAuth2 Resource owner password credentials Grant type

Posted by "Sergey Beryozkin (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/CXF-4419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13413735#comment-13413735 ] 

Sergey Beryozkin commented on CXF-4419:
---------------------------------------

OK, we can tweak few bits later on if needed
                
> Add support for OAuth2 Resource owner password credentials Grant type
> ---------------------------------------------------------------------
>
>                 Key: CXF-4419
>                 URL: https://issues.apache.org/jira/browse/CXF-4419
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS Security
>    Affects Versions: 2.6.1
>            Reporter: Sasi M
>             Fix For: 2.6.2, 2.7.0
>
>
> CXF currently supports 3 out of 4 grant types specified in the oauth2 draft spec.
> Adding support for the Resource owner password credentials grant type will help in seamlesly migrating applications using rest services authenticated via basic auth to oauth2.
> Here is the draft spec for the grant type:
> http://tools.ietf.org/html/draft-ietf-oauth-v2-27#page-35

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Resolved] (CXF-4419) Add support for OAuth2 Resource owner password credentials Grant type

Posted by "Sergey Beryozkin (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/CXF-4419?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sergey Beryozkin resolved CXF-4419.
-----------------------------------

       Resolution: Fixed
    Fix Version/s: 2.6.2
         Assignee: Sergey Beryozkin
    
> Add support for OAuth2 Resource owner password credentials Grant type
> ---------------------------------------------------------------------
>
>                 Key: CXF-4419
>                 URL: https://issues.apache.org/jira/browse/CXF-4419
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS Security
>    Affects Versions: 2.6.1
>            Reporter: Sasi M
>            Assignee: Sergey Beryozkin
>             Fix For: 2.6.2, 2.7.0
>
>
> CXF currently supports 3 out of 4 grant types specified in the oauth2 draft spec.
> Adding support for the Resource owner password credentials grant type will help in seamlesly migrating applications using rest services authenticated via basic auth to oauth2.
> Here is the draft spec for the grant type:
> http://tools.ietf.org/html/draft-ietf-oauth-v2-27#page-35

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (CXF-4419) Add support for OAuth2 Resource owner password credentials Grant type

Posted by "Sergey Beryozkin (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/CXF-4419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13413685#comment-13413685 ] 

Sergey Beryozkin commented on CXF-4419:
---------------------------------------

Hi, can you please review
http://svn.apache.org/viewvc?rev=1361175&view=rev?

This grant handler can be optionally registered with the AccessToken service.

I think we effectively are dealing with the requirement to get a security context twice, 
one for a client itself (this is managed by servlet or CXF security filters and enforced by AccessToken service) and one - 
for the resource owner, this is managed by the grant handler


                
> Add support for OAuth2 Resource owner password credentials Grant type
> ---------------------------------------------------------------------
>
>                 Key: CXF-4419
>                 URL: https://issues.apache.org/jira/browse/CXF-4419
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS Security
>    Affects Versions: 2.6.1
>            Reporter: Sasi M
>             Fix For: 2.7.0
>
>
> CXF currently supports 3 out of 4 grant types specified in the oauth2 draft spec.
> Adding support for the Resource owner password credentials grant type will help in seamlesly migrating applications using rest services authenticated via basic auth to oauth2.
> Here is the draft spec for the grant type:
> http://tools.ietf.org/html/draft-ietf-oauth-v2-27#page-35

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (CXF-4419) Add support for OAuth2 Resource owner password credentials Grant type

Posted by "Sasi M (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/CXF-4419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13413727#comment-13413727 ] 

Sasi M commented on CXF-4419:
-----------------------------

Looks good to me. Thanks much.
                
> Add support for OAuth2 Resource owner password credentials Grant type
> ---------------------------------------------------------------------
>
>                 Key: CXF-4419
>                 URL: https://issues.apache.org/jira/browse/CXF-4419
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-RS Security
>    Affects Versions: 2.6.1
>            Reporter: Sasi M
>             Fix For: 2.7.0
>
>
> CXF currently supports 3 out of 4 grant types specified in the oauth2 draft spec.
> Adding support for the Resource owner password credentials grant type will help in seamlesly migrating applications using rest services authenticated via basic auth to oauth2.
> Here is the draft spec for the grant type:
> http://tools.ietf.org/html/draft-ietf-oauth-v2-27#page-35

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira