Author: coheigea Date: Fri Jan 24 11:58:24 2014 New Revision: 1560957 URL: http://svn.apache.org/r1560957 Log: Merged revisions 1560950 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
........ r1560950 | coheigea | 2014-01-24 11:53:56 +0000 (Fri, 24 Jan 2014) | 10 lines Merged revisions 1560949 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/trunk ........ r1560949 | coheigea | 2014-01-24 11:49:44 +0000 (Fri, 24 Jan 2014) | 2 lines [CXF-5518][CXF-5519][CXF-5520][CXF-5521] - Delegation handling documentation improvements ........ ........ Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1560957&r1=1560956&r2=1560957&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original) +++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Fri Jan 24 11:58:24 2014 @@ -409,17 +409,35 @@ public final class SecurityConstants { /** * The token to be sent to the STS in an "ActAs" field. It can be either: - * a) A String + * a) A String (which must be an XML statement like "<wst:OnBehalfOf xmlns:wst=...>...</wst:OnBehalfOf>") * b) A DOM Element * c) A CallbackHandler object to use to obtain the token + * + * In the case of a CallbackHandler, it must be able to handle a + * org.apache.cxf.ws.security.trust.delegation.DelegationCallback Object, which contains a + * reference to the current Message. The CallbackHandler implementation is required to set + * the token Element to be sent in the request on the Callback. + * + * Some examples that can be reused are: + * org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler + * org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler */ public static final String STS_TOKEN_ACT_AS = "ws-security.sts.token.act-as"; /** * The token to be sent to the STS in an "OnBehalfOf" field. It can be either: - * a) A String + * a) A String (which must be an XML statement like "<wst:OnBehalfOf xmlns:wst=...>...</wst:OnBehalfOf>") * b) A DOM Element * c) A CallbackHandler object to use to obtain the token + * + * In the case of a CallbackHandler, it must be able to handle a + * org.apache.cxf.ws.security.trust.delegation.DelegationCallback Object, which contains a + * reference to the current Message. The CallbackHandler implementation is required to set + * the token Element to be sent in the request on the Callback. + * + * Some examples that can be reused are: + * org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler + * org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler */ public static final String STS_TOKEN_ON_BEHALF_OF = "ws-security.sts.token.on-behalf-of";
