You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by Daniel Kulp <dk...@apache.org> on 2009/07/08 21:58:35 UTC

Re: PolicyInterceptorProvidor - HttpsTokenInterceptorProvider implementation

On Wed July 8 2009 3:20:49 pm Anthony wrote:
> I'm using CXF 2.2.2 and I want to enforce transport level security using
> WS-Policy. The current documentation online states the following:
>
> Currently, CXF supports PolicyInterceptorProvider implementations for the
> following assertion types:
>
> {http://schemas.xmlsoap.org/ws/2005/02/rm/policy}RMAssertion
> {http://www.w3.org/2007/01/addressing/metadata}Addressing
> {http://www.w3.org/2007/01/addressing/metadata}AnonymousResponses
> {http://www.w3.org/2007/01/addressing/metadata}NonAnonymousResponses
>
>
> I looked through the source code and found the
> HttpsTokenInterceptorProvidor class and I have been able to configure and
> use HttpsToken policy assertions with CXF. My question is this; since this
> feature isn't documented (in the online docs or javadocs) is it safe to use
> this feature in the current 2.2.2 version of CXF?

Yea.  2.2.x supports WS-SecurityPolicy and the assertions it provides.   I'll 
update the docs to mention that.   I'm not going to list all of the 
SecurityPolicy assertions (there's way too many), but I'll mention them on 
that page.

-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog