You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/01/24 12:53:57 UTC
svn commit: r1560950 -
/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Author: coheigea
Date: Fri Jan 24 11:53:56 2014
New Revision: 1560950
URL: http://svn.apache.org/r1560950
Log:
Merged revisions 1560949 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1560949 | coheigea | 2014-01-24 11:49:44 +0000 (Fri, 24 Jan 2014) | 2 lines
[CXF-5518][CXF-5519][CXF-5520][CXF-5521] - Delegation handling documentation improvements
........
Modified:
cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1560950&r1=1560949&r2=1560950&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Fri Jan 24 11:53:56 2014
@@ -453,17 +453,35 @@ public final class SecurityConstants {
/**
* The token to be sent to the STS in an "ActAs" field. It can be either:
- * a) A String
+ * a) A String (which must be an XML statement like "<wst:OnBehalfOf xmlns:wst=...>...</wst:OnBehalfOf>")
* b) A DOM Element
* c) A CallbackHandler object to use to obtain the token
+ *
+ * In the case of a CallbackHandler, it must be able to handle a
+ * org.apache.cxf.ws.security.trust.delegation.DelegationCallback Object, which contains a
+ * reference to the current Message. The CallbackHandler implementation is required to set
+ * the token Element to be sent in the request on the Callback.
+ *
+ * Some examples that can be reused are:
+ * org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler
+ * org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler
*/
public static final String STS_TOKEN_ACT_AS = "ws-security.sts.token.act-as";
/**
* The token to be sent to the STS in an "OnBehalfOf" field. It can be either:
- * a) A String
+ * a) A String (which must be an XML statement like "<wst:OnBehalfOf xmlns:wst=...>...</wst:OnBehalfOf>")
* b) A DOM Element
* c) A CallbackHandler object to use to obtain the token
+ *
+ * In the case of a CallbackHandler, it must be able to handle a
+ * org.apache.cxf.ws.security.trust.delegation.DelegationCallback Object, which contains a
+ * reference to the current Message. The CallbackHandler implementation is required to set
+ * the token Element to be sent in the request on the Callback.
+ *
+ * Some examples that can be reused are:
+ * org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler
+ * org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler
*/
public static final String STS_TOKEN_ON_BEHALF_OF = "ws-security.sts.token.on-behalf-of";