Posted to users@cxf.apache.org by marlonguerios <ma...@inohaus.com> on 2010/02/04 15:31:06 UTC

Is it possible to create a STS using CXF?

Hi people, I guess the answer for my question is "no", but I would like to
hear from you if it really isn't possible to create a security token service
using CXF and what would be your suggestions for such a project.

Thanks!


Re: Is it possible to create a STS using CXF?

Posted by Daniel Kulp <dk...@apache.org>.
On Thu February 4 2010 9:31:06 am marlonguerios wrote:
> Hi people, I guess the answer for my question is "no", but I would like to
> hear from you if it really isn't possible to create a security token
>  service using CXF and what would be your suggestions for such a project.

Well, I wouldn't say it's impossible. After all, an STS is pretty much a
SOAP service. It's just not an "easy automatic" thing yet. You probably
could use a "Provider<Source>" type service to implement the STS. It
wouldn't be easy as you would need to deal with the whole soap:body contents,
but it would work. CXF could handle all the security stuff (via the security
policy implementation). Like I said, not really "ideal".

I honestly haven't had time yet to look at Metro or anything yet to see how 
they do it.  

-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
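
A sketch of the "Provider<Source>" approach described in the reply above, added here as an example; it is not code from the thread or from CXF. It assumes the JAX-WS 2.x API (javax.xml.ws) and the WS-Trust 1.3 namespace; the class name, the urn:example:sts token element and the placeholder token value are hypothetical, and authenticating the requester and protecting the message are left to CXF's security policy configuration, as the reply says.

```java
import javax.xml.XMLConstants;
import javax.xml.transform.Source;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
import javax.xml.ws.ServiceMode;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.WebServiceProvider;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

// Hypothetical class name. PAYLOAD mode hands invoke() the contents of soap:Body only.
@WebServiceProvider
@ServiceMode(Service.Mode.PAYLOAD)
public class MinimalStsProvider implements Provider<Source> {
    static final String WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";

    @Override
    public Source invoke(Source body) {
        try {
            // Copy the body into a DOM with secure processing enabled.
            TransformerFactory tf = TransformerFactory.newInstance();
            tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            DOMResult parsed = new DOMResult();
            tf.newTransformer().transform(body, parsed);
            Document in = (Document) parsed.getNode();
            Element rst = in.getDocumentElement();
            // Reject anything that is not exactly one WS-Trust Issue request.
            NodeList type = rst.getElementsByTagNameNS(WST, "RequestType");
            if (!WST.equals(rst.getNamespaceURI()) || !"RequestSecurityToken".equals(rst.getLocalName())
                    || type.getLength() != 1 || !(WST + "/Issue").equals(type.item(0).getTextContent().trim())) {
                throw new WebServiceException("Only a single wst:RequestSecurityToken Issue request is handled");
            }
            Document out = in.getImplementation().createDocument(WST, "wst:RequestSecurityTokenResponseCollection", null);
            Element rstr = out.createElementNS(WST, "wst:RequestSecurityTokenResponse");
            // Echo the request's Context attribute so the client can correlate the response.
            if (rst.hasAttribute("Context")) rstr.setAttribute("Context", rst.getAttribute("Context"));
            Element requested = out.createElementNS(WST, "wst:RequestedSecurityToken");
            // Constructed placeholder: a real STS puts a signed token (e.g. a SAML assertion) here.
            Element token = out.createElementNS("urn:example:sts", "ex:OpaqueToken");
            token.setTextContent("REPLACE-WITH-SIGNED-TOKEN");
            requested.appendChild(token);
            rstr.appendChild(requested);
            out.getDocumentElement().appendChild(rstr);
            return new DOMSource(out);
        } catch (TransformerException e) {
            throw new WebServiceException("Unreadable request body", e);
        }
    }
}
```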

Re: Is it possible to create a STS using CXF?

Posted by Jonathan Bricker <je...@gmail.com>.
I'm struggling through this right now.  Using a Ping Federate server, it
does not lend itself well to the STS client but you can get a token using
Ping's own APIs and then insert it into the SOAP envelope.  Basically, write
some interceptors to do this work.

Microsoft's ADFS 2.0 is set up so that it could be done with CXF but I have
not been able to get it to work because of an https problem.  ADFS can ONLY
have an https set up to request tokens and I'm stuck now because of what I
perceive as a bug with CXF in using an https connection to get the token but
an http call to the service that requests the token.  It should work but does
not.

I have not tried this with Shibboleth but last time I checked it did not do
web services.
