Maybe I am wrong adding my reply here, for I am not a CXF developer but a user: anyway this thread is really what I was looking for, WS-SX (Trust and conversation) advanced features. These features are not present in the JIRA, so I guess these features will not be in CXF 2.1. Are these features definitively shifted to future versions?
Dan Diephouse-2 wrote: > > > > > > > One of the things on my wishlist for 2.1 is support for WS-SX - > WS-SecurityPolicy, WS-SecureConversation, and WS-Trust. Its a very > important feature for a lot of corporations because it enables much > faster security and it also enables a range of security scenarios which > weren't possible before. > > I know I've chatted with Fred a bit about this before, but I'd like to > bring the discussion to the dev list for a while so we can a) figure > out the scope of the work b) decide if we can do it for 2.1 and c) > figure out who's going to do what. Regarding this last point, I will be > very happy to particpate, but I'm not sure I can do the majority of the > work. But I can certainly code some and help brainstorm. > > At a high level I suppose there are several things we need to do: > > Build a WS-Trust service for token exchange. At the very least we > need to be able to create symmetric keys from the asymmetric public > keys for WS-SecureConversation. > WS-SecurityPolicy > > First we need to start using JAXB catalog files. These files > allow JAXB to use classes which have already been generated when doing > xsd2java. In other words, our ws-security module can generate the > security policy beans and reference the beans in the policy module. > Whereas right now, the policy beans would be regenerated by JAXB. This > requires an upgrade to JAXB 2.1 and also it requires use of the > official/Mojo JAXB plugin instead of our own. Our own plugin is > architected in such a way that adding this feature isn't really > possible without a rewrite, which seems like a waste of time. > > Which, if not all, policy assertions do we need to support? > > WS-SecureConversation service and interceptors > WS-Security feature for configuration (I heard through the > grapevine someone may have started on this. Would be interested to see > what has been done - I really like the way Spring-WS does WS-Security > configuration so it may be interesting to look into that) > > So with that - anyone else looked into this in more detail? Anyone want > to help pick up this feature for 2.1? > > Cheers, > - Dan > -- > Dan Diephouse > MuleSource > http://mulesource.com | http://netzooid.com/blog > > > > > -- View this message in context: http://www.nabble.com/WS-SX-tp12841062p14731154.html Sent from the cxf-dev mailing list archive at Nabble.com.
