You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by "ermanno.travaglino" <er...@gmail.com> on 2012/04/03 14:23:32 UTC
Security Token Service
Hi everybody,
I would like to implement a brokered authentication with STS. My development
environment is Eclipse and Tomcat, and now I have some RESTful services,
available via java client, or browser after a web portal authentication. Do
you could advise me to do this work in a clean and fast way? For now I have
an STS, provided by Talend (war). For example, how would I write a Java
client which interfaces with the STS? In other words, I need to implement a
subset of WS-*, in particular WS-Trust and WS-Security...
Thanks in advance.
Ermanno
--
View this message in context: http://cxf.547215.n5.nabble.com/Security-Token-Service-tp5614958p5614958.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: AW: Security Token Service
Posted by "ermanno.travaglino" <er...@gmail.com>.
Oliver Wulff-2 wrote
>
> Do you use CXF in your Java client?
>
I will write a simple Java client that requires a token at STS, receives and
processes the response.
Oliver Wulff-2 wrote
>
> If you use already the Talend STS have a look to the Talend ESB examples
> which is based on CXF. You can find the security example here:
> <talend-esb-install-dir>/examples/talend/tesb/rent-a-car/crmservice/service-endpoint-sts/src/main/resources/saml.policy
>
Yes, I've a running istance of STS in Tomcat (myhost/SecurityTokenService).
Ermanno
--
View this message in context: http://cxf.547215.n5.nabble.com/Security-Token-Service-tp5614958p5615051.html
Sent from the cxf-user mailing list archive at Nabble.com.
AW: Security Token Service
Posted by Oliver Wulff <ow...@talend.com>.
Do you use CXF in your Java client?
If yes, you can achieve that without programming just by configuration. Your WSDL of the service must contain a WS-SecurityPolicy element which defined an "IssuedToken" assertion (which means request a token from the STS). You can also configure the token type in this policy. Your jaxws:client spring bean must contain the STS Client configuration where you configure the URL of the STS and such.
If you use already the Talend STS have a look to the Talend ESB examples which is based on CXF. You can find the security example here:
<talend-esb-install-dir>/examples/talend/tesb/rent-a-car/crmservice/service-endpoint-sts/src/main/resources/saml.policy
You can find more information here:
http://coheigea.blogspot.com/2011/09/saml-securitypolicy-enforcement-in-cxf.html
HTH
Oli
------
Oliver Wulff
Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com
Talend Application Integration Division http://www.talend.com
________________________________________
Von: ermanno.travaglino [ermanno.travaglino@gmail.com]
Gesendet: Dienstag, 3. April 2012 14:23
Bis: users@cxf.apache.org
Betreff: Security Token Service
Hi everybody,
I would like to implement a brokered authentication with STS. My development
environment is Eclipse and Tomcat, and now I have some RESTful services,
available via java client, or browser after a web portal authentication. Do
you could advise me to do this work in a clean and fast way? For now I have
an STS, provided by Talend (war). For example, how would I write a Java
client which interfaces with the STS? In other words, I need to implement a
subset of WS-*, in particular WS-Trust and WS-Security...
Thanks in advance.
Ermanno
--
View this message in context: http://cxf.547215.n5.nabble.com/Security-Token-Service-tp5614958p5614958.html
Sent from the cxf-user mailing list archive at Nabble.com.