You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2011/06/01 17:52:47 UTC
[jira] [Resolved] (CXF-3565) Support pluggable way of configuring
WS-Trust ActAs and OnBehalfOf behaviour
[ https://issues.apache.org/jira/browse/CXF-3565?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-3565.
--------------------------------------
Resolution: Fixed
> Support pluggable way of configuring WS-Trust ActAs and OnBehalfOf behaviour
> ----------------------------------------------------------------------------
>
> Key: CXF-3565
> URL: https://issues.apache.org/jira/browse/CXF-3565
> Project: CXF
> Issue Type: New Feature
> Components: WS-* Components
> Affects Versions: 2.4
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.4.1
>
>
> CXF-2905 introduced support for the WS-Trust 1.4 ActAs behaviour in CXF. This allows the user to send a security token as an "ActAs" element in a RequestSecurityToken invocation. This can be configured in two ways:
> a) As a String directly on the STSClient bean in Spring, e.g. <property name="actAs" value="..."/>
> b) As a String or DOM Element programmatically via the jaxws property SecurityConstants.STS_TOKEN_ACT_AS
> CXF 2.4.0 supports the ability to set a security token as an "OnBehalfOf" element directly on the STSClient, but not provide configuration support.
> There are three goals for this task:
> a) Add the ability to configure OnBehalfOf in the same way as ActAs (String/Element)
> b) Add the ability to also add a CallbackHandler object for either token. This is an alternative to having to add an interceptor to set the appropriate property.
> c) Add two CallbackHandler implementations which can be used for either ActAs or OnBehalfOf for common scenarios. The first adds a received security token in the previous message (UsernameToken/SAML Token/Binary Security Token). The second adds a UsernameToken with no password, where the username is obtained via the jaxws:property ws-security.username.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira