Hi
On 03/03/14 18:42, Thorsten Höger wrote:
Am 03.03.2014 11:27, schrieb Sergey Beryozkin:
Hi Thorsten
On 01/03/14 17:42, Thorsten Höger wrote:
Hi,
are there plans to support OpenId Connect (Server/Client) as extension to
OAuth2 in CXF?
Yes.
Right now, the immediate priority is to support JWT wrapped as CXF
ServerAccessToken,
and the JWT assertions grant. Next, offer the JAX-RS services support for the
client
registration and token management.
OpenId Connect will be next (possibly some prototyping will start after the JWT
support
is done). I'm not sure right now in what form it will be supported, may be some
of it
will be done as part of Fediz, but I think at the very least CXF OAuth2
endpoints should
be able to work with the OpenId Connect aware infrastructure...
Do you have any particular integration requirements ? What is it that attracts
you in
OpenId-Connect most ?
We are using CXF as a REST backend for our online-banking system. The first
part with
OpenId Connect would be to act as an OpenId Identity-Provider. The next part
would be to
authenticate/register new users via Google+, Facebook etc.
Right, thanks. I believe this is in line with the Fediz roadmap which
Oli has put in place, with OAuth2-based SSO covered eventually too.
Just in case: CXF supports SAML SP Web Profile and this has been tested
against many SAML IDPs; Fediz currently supports WS-Fed passive Profile
- deployed in a major production. So we have some SSO support in place.
Cheers, Sergey
Regards,
Thorsten
Cheers, Sergey
Regards,
Thorsten
