You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2012/06/01 13:04:23 UTC
[jira] [Resolved] (CXF-4344) Provide simplifications and shortcuts
in CXF STS configuration
[ https://issues.apache.org/jira/browse/CXF-4344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-4344.
--------------------------------------
Resolution: Fixed
> Provide simplifications and shortcuts in CXF STS configuration
> --------------------------------------------------------------
>
> Key: CXF-4344
> URL: https://issues.apache.org/jira/browse/CXF-4344
> Project: CXF
> Issue Type: Improvement
> Affects Versions: 2.6
> Reporter: Glen Mazza
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 2.6.2
>
>
> Presently STS configuration in the cxf-servlet.xml file is a bit verbose[1], especially if one is planning on configuring multiple STS endpoints within the same file. I would like to see configuration simplified a bit for those wishing to remain with default/common settings. In particular:
> 1.) In any SecurityTokenServiceProvider instantiation, default the values of issueOperation and validateOperation to org.apache.cxf.sts.operation.TokenIssueOperation and
> org.apache.cxf.sts.operation.TokenValidateOperation if not explicitly specified (same for the other operations). If concerned about hardwiring constant classes in such a manner, create a DefaultSecurityTokenServiceProvider with these defaults that people can use instead.
> 2.) Provide properties "stsProperties" and "services" for the SecurityTokenServiceProvider (perhaps other properties defined
> in AbstractOperation) that will be the default for AbstractOperation subclasses like TokenIssueOperation and TokenValidateOperation unless explicitly defined as done presently.
> 3.) For TokenIssueOperation and TokenValidateOperation, default the values of tokenProviders and tokenValidators to SAMLTokenProvider and SAMLTokenValidator unless explicitly defined as done presently.
> Such shortcuts will allow configuration to simplified from this:
> <bean id="x509STSProviderBean"
> class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
> <property name="issueOperation" ref="x509IssueDelegate" />
> <property name="validateOperation" ref="x509ValidateDelegate" />
> </bean>
> <bean id="x509IssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
> <property name="tokenProviders" ref="x509SamlTokenProvider" />
> <property name="services" ref="x509Service" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> <bean id="x509ValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
> <property name="tokenValidators" ref="x509SamlTokenValidator" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> <bean id="x509SamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider"/>
> <bean id="x509SamlTokenValidator"
> class="org.apache.cxf.sts.token.validator.SAMLTokenValidator"/>
> to this:
> <bean id="x509STSProviderBean"
> class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
> <property name="services" ref="x509Service" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> These changes can probably all be done in a backwards-compatible manner so it wouldn't be necessary to wait for CXF 2.7 before implementing.
> [1] http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml?revision=1190520&view=markup
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira