jax-rs-oauth2.html

buildbot Thu, 22 Nov 2012 06:48:27 -0800

Author: buildbot
Date: Thu Nov 22 14:48:00 2012
New Revision: 839167

Log:
Production update by buildbot for cxf


Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/jax-rs-oauth2.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/jax-rs-oauth2.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-oauth2.html (original)
+++ websites/production/cxf/content/docs/jax-rs-oauth2.html Thu Nov 22 14:48:00 
2012
@@ -125,7 +125,7 @@ Apache CXF -- JAX-RS OAuth2
 
 
 <div>
-<ul><li><a shape="rect" 
href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 
Servers</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-AuthorizationService">Authorization Service</a></li><li><a 
shape="rect" 
href="#JAX-RSOAuth2-AccessTokenService">AccessTokenService</a></li><ul><li><a 
shape="rect" href="#JAX-RSOAuth2-AccessTokenTypes">Access Token 
Types</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-Bearer">Bearer</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-MAC">MAC</a></li></ul><li><a shape="rect" 
href="#JAX-RSOAuth2-AccessTokenValidationService">AccessTokenValidationService</a></li></ul><li><a
 shape="rect" href="#JAX-RSOAuth2-SupportedGrants">Supported 
Grants</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-AuthorizationCode">Authorization Code</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-
 Implicit">Implicit</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-ClientCredentials">Client Credentials</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-ResourceOwnerPasswordCredentials">Resource 
Owner Password Credentials</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-RefreshToken">Refresh Token</a></li></ul><li><a 
shape="rect" href="#JAX-RSOAuth2-WritingOAuthDataProvider">Writing 
OAuthDataProvider</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-OAuthServerJAXRSendpoints">OAuth Server JAX-RS 
endpoints</a></li></ul><li><a shape="rect" 
href="#JAX-RSOAuth2-UserSessionAuthenticity">User Session 
Authenticity</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-ProtectingresourceswithOAuthfilters">Protecting resources 
with OAuth filters</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Howtogettheuserloginname">How to get the user login 
name</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Clientsidesupport">Client-side support</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-OAuth2witho
 uttheExplicitAuthorization">OAuth2 without the Explicit 
Authorization</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-OAuthWithoutaBrowser">OAuth Without a 
Browser</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Reportingerrordetails">Reporting error 
details</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Designconsiderations">Design 
considerations</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-ControllingtheAccesstoResourceServer">Controlling the 
Access to Resource Server</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-Sharingthesameaccesspathbetweenendusersandclients">Sharing 
the same access path between end users and clients</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Providingdifferentaccesspointstoendusersandclients">Providing
 different access points to end users and clients</a></li></ul><li><a 
shape="rect" href="#JAX-RSOAuth2-SingleSignOn">Single Sign 
On</a></li></ul><li><a shape="rect" href="#JAX-RSOAuth2-WhatIsNext">What Is 
Next</a></li></ul></div>
+<ul><li><a shape="rect" 
href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 
Servers</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-AuthorizationService">Authorization Service</a></li><li><a 
shape="rect" 
href="#JAX-RSOAuth2-AccessTokenService">AccessTokenService</a></li><ul><li><a 
shape="rect" href="#JAX-RSOAuth2-AccessTokenTypes">Access Token 
Types</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-Bearer">Bearer</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-MAC">MAC</a></li></ul><li><a shape="rect" 
href="#JAX-RSOAuth2-AccessTokenValidationService">AccessTokenValidationService</a></li></ul><li><a
 shape="rect" href="#JAX-RSOAuth2-SupportedGrants">Supported 
Grants</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-AuthorizationCode">Authorization Code</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-
 Implicit">Implicit</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-ClientCredentials">Client Credentials</a></li><li><a 
shape="rect" href="#JAX-RSOAuth2-ResourceOwnerPasswordCredentials">Resource 
Owner Password Credentials</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-RefreshToken">Refresh Token</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-CustomGrants">Custom Grants</a></li></ul><li><a 
shape="rect" href="#JAX-RSOAuth2-WritingOAuthDataProvider">Writing 
OAuthDataProvider</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-OAuthServerJAXRSendpoints">OAuth Server JAX-RS 
endpoints</a></li></ul><li><a shape="rect" 
href="#JAX-RSOAuth2-UserSessionAuthenticity">User Session 
Authenticity</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-ProtectingresourceswithOAuthfilters">Protecting resources 
with OAuth filters</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Howtogettheuserloginname">How to get the user login 
name</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Clientsidesupport">Cli
 ent-side support</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-OAuth2withouttheExplicitAuthorization">OAuth2 without the 
Explicit Authorization</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-OAuthWithoutaBrowser">OAuth Without a 
Browser</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Reportingerrordetails">Reporting error 
details</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Designconsiderations">Design 
considerations</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-ControllingtheAccesstoResourceServer">Controlling the 
Access to Resource Server</a></li><ul><li><a shape="rect" 
href="#JAX-RSOAuth2-Sharingthesameaccesspathbetweenendusersandclients">Sharing 
the same access path between end users and clients</a></li><li><a shape="rect" 
href="#JAX-RSOAuth2-Providingdifferentaccesspointstoendusersandclients">Providing
 different access points to end users and clients</a></li></ul><li><a 
shape="rect" href="#JAX-RSOAuth2-SingleSignOn">Single Sign 
On</a></li></ul><li><a shape="
 rect" href="#JAX-RSOAuth2-WhatIsNext">What Is Next</a></li></ul></div>
 
 <h1><a shape="rect" name="JAX-RSOAuth2-Introduction"></a>Introduction</h1>
 
@@ -509,7 +509,7 @@ Authorization: MAC id=<span class="code-
 
 <p>As described above, <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java";>AuthorizationCodeGrantService</a>
 service and <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeDataProvider.java";>AuthorizationCodeDataProvider</a>
 data provider can support a redirection-based Authorization Code flow. </p>
 
-<p>The code that the client receives in the end of the redirection process 
will need to be exchanged for a new access token with AccessTokenService.</p>
+<p>The code that the client receives in the end of the redirection process 
will need to be exchanged for a new access token with AccessTokenService. 
CXF-based clients can use a helper <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java";>AuthorizationCodeGrant</a>
 bean  to request a new access token with OAuthClientUtils.</p>
 
 
 <h3><a shape="rect" name="JAX-RSOAuth2-Implicit"></a>Implicit</h3>
@@ -527,16 +527,31 @@ The simplest approach is to register a C
 
 <p>Register <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java";>ClientCredentialsGrantHandler</a>
 handler with AccessTokenService for this grant be supported.</p>
 
+<p>CXF-based clients can use a helper <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java";>ClientCredentialsGrant</a>
 bean to request a new access token with OAuthClientUtils.</p>
+
+
 <h3><a shape="rect" 
name="JAX-RSOAuth2-ResourceOwnerPasswordCredentials"></a>Resource Owner 
Password Credentials</h3>
 
 <p>Register <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java";>ResourceOwnerGrantHandler</a>
 handler with AccessTokenService for this grant be supported.</p>
 
+<p>CXF-based clients can use a helper <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java";>ResourceOwnerGrant</a>
 bean to request a new access token with OAuthClientUtils.</p>
+
+
 <h3><a shape="rect" name="JAX-RSOAuth2-RefreshToken"></a>Refresh Token</h3>
 
 <p>The client can issue a refresh token grant if the current access token it 
owns has expired or been revoked and the refresh token was issued alongside 
with the access token which is now invalid and get the new, 'refreshed' access 
token. This can allow the client to avoid seeking a new authorization approval 
from the end user.</p>
 
 <p>Register <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java";>RefreshTokenGrantHandler</a>
 handler with AccessTokenService for this grant be supported. Note this grant 
handler is only useful for refreshing the existing access token, so one or more 
of the other grant handlers (Authorization Code, Implicit, etc) will also have 
to be registered with AccessTokenService.</p>
 
+<p>CXF-based clients can use a helper <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java";>RefreshTokenGrant</a>
 bean to request a new access token with OAuthClientUtils.</p>
+
+
+<h3><a shape="rect" name="JAX-RSOAuth2-CustomGrants"></a>Custom Grants</h3>
+
+<p>If you need to customize the way the well-known grant requests are handled 
then consider extending one of the grant handlers listed in the previous 
sub-sections. </p>
+
+<p>Alternatively create a custom <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenGrantHandler.java";>AccessTokenGrantHandler</a>
 and register it with AccessTokenService. Additionally, consider providing a 
related <a shape="rect" class="external-link" 
href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenGrant.java";>AccessTokenGrant</a>
 implementation for making it easy for the client code to request a new access 
token with this custom grant.  </p>
+
 
 <h2><a shape="rect" name="JAX-RSOAuth2-WritingOAuthDataProvider"></a>Writing 
OAuthDataProvider</h2>

svn commit: r839167 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-oauth2.html

Reply via email to