You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by venkatesham nalla <v_...@hotmail.com> on 2014/05/06 22:22:23 UTC
RE: OAuth2 to protect CXF SOAP endpoints
Hi all,
How to add BinarySecurityToken using WSS4J or WS-SecurityPolicy?
Thanks,Venkat
> Date: Tue, 29 Apr 2014 16:19:03 +0100
> From: sberyozkin@gmail.com
> To: users@cxf.apache.org
> Subject: Re: FW: OAuth2 to protect CXF SOAP endpoints
>
> Hi
> On 29/04/14 15:25, NALLA, VENKAT wrote:
> > Hi Sergey,
> >
> > I was looking at your blogspot and came across “Use
> > OAuth2 tokens to protect CXF SOAP endpoints”. I would like try and
> > understand how it works. Could you please send me the link to the
> > example code? Does it work in CXF 2.7.6 or do I need 3.0 milestone
> > release to try the example code?
>
> It is very simple.
> WS client will need to obtain a token somehow first. Next one simply
> passes it with Authorization header or embed it as a WS-Security Binary
> Token.
>
> If Authorization header is used, then adding the interceptor mentioned at
>
> https://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-OAuth2tokensandSOAPendpoints
>
>
> will work,
>
> if the token is WS-BinaryToken token then a basic customization of the
> interceptor will do, see the linked interceptor source...
>
>
> > BTW what is the expected release date
> > for 3.0?
> I hope we will be ready to consider doing the build by the end of the
> next week or so, about 2 weeks
>
> Cheers, Sergey
> >
> > Thanks,
> >
> > Venkat
> >
>
Re: OAuth2 to protect CXF SOAP endpoints
Posted by Colm O hEigeartaigh <co...@apache.org>.
Do you just want to add the BinarySecurityToken to the security header of
the request, or do you subsequently want to sign/encrypt it? What version
of CXF are you using?
Colm.
On Tue, May 6, 2014 at 9:22 PM, venkatesham nalla <v_...@hotmail.com>wrote:
> Hi all,
> How to add BinarySecurityToken using WSS4J or WS-SecurityPolicy?
> Thanks,Venkat
>
>
>
> > Date: Tue, 29 Apr 2014 16:19:03 +0100
> > From: sberyozkin@gmail.com
> > To: users@cxf.apache.org
> > Subject: Re: FW: OAuth2 to protect CXF SOAP endpoints
> >
> > Hi
> > On 29/04/14 15:25, NALLA, VENKAT wrote:
> > > Hi Sergey,
> > >
> > > I was looking at your blogspot and came across “Use
> > > OAuth2 tokens to protect CXF SOAP endpoints”. I would like try and
> > > understand how it works. Could you please send me the link to the
> > > example code? Does it work in CXF 2.7.6 or do I need 3.0 milestone
> > > release to try the example code?
> >
> > It is very simple.
> > WS client will need to obtain a token somehow first. Next one simply
> > passes it with Authorization header or embed it as a WS-Security Binary
> > Token.
> >
> > If Authorization header is used, then adding the interceptor mentioned at
> >
> >
> https://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-OAuth2tokensandSOAPendpoints
> >
> >
> > will work,
> >
> > if the token is WS-BinaryToken token then a basic customization of the
> > interceptor will do, see the linked interceptor source...
> >
> >
> > > BTW what is the expected release date
> > > for 3.0?
> > I hope we will be ready to consider doing the build by the end of the
> > next week or so, about 2 weeks
> >
> > Cheers, Sergey
> > >
> > > Thanks,
> > >
> > > Venkat
> > >
> >
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com