You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2011/06/01 17:52:47 UTC

[jira] [Resolved] (CXF-3565) Support pluggable way of configuring WS-Trust ActAs and OnBehalfOf behaviour

     [ https://issues.apache.org/jira/browse/CXF-3565?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved CXF-3565.
--------------------------------------

    Resolution: Fixed

> Support pluggable way of configuring WS-Trust ActAs and OnBehalfOf behaviour
> ----------------------------------------------------------------------------
>
>                 Key: CXF-3565
>                 URL: https://issues.apache.org/jira/browse/CXF-3565
>             Project: CXF
>          Issue Type: New Feature
>          Components: WS-* Components
>    Affects Versions: 2.4
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.4.1
>
>
> CXF-2905 introduced support for the WS-Trust 1.4 ActAs behaviour in CXF. This allows the user to send a security token as an "ActAs" element in a RequestSecurityToken invocation. This can be configured in two ways:
>  a) As a String directly on the STSClient bean in Spring, e.g. <property name="actAs" value="..."/>
>  b) As a String or DOM Element programmatically via the jaxws property SecurityConstants.STS_TOKEN_ACT_AS
> CXF 2.4.0 supports the ability to set a security token as an "OnBehalfOf" element directly on the STSClient, but not provide configuration support. 
> There are three goals for this task:
>  a) Add the ability to configure OnBehalfOf in the same way as ActAs (String/Element)
>  b) Add the ability to also add a CallbackHandler object for either token. This is an alternative to having to add an interceptor to set the appropriate property.
>  c) Add two CallbackHandler implementations which can be used for either ActAs or OnBehalfOf for common scenarios. The first adds a received security token in the previous message (UsernameToken/SAML Token/Binary Security Token). The second adds a UsernameToken with no password, where the username is obtained via the jaxws:property ws-security.username.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira