Hi Community,
In Zurich Insurance we had a task to provide REST interface for STS module.
I tried to use org.apache.cxf.sts.rest.RESTSecurityTokenServiceImpl, but found
following issues:
- it is not possible to change path;
- issue with providing realm name as path param;
- not possible to provide Json-like responses;
- there is no OpenAPI documentation;
- there is no any flexibility with custom functionality.
Because of points above, we implemented own interface and implementation (based
on org.apache.cxf.sts.rest.RESTSecurityTokenServiceImpl) that solved all issues
that I mentioned.
This is why we propose to contribute our implementation to CXF.
It could be done in following steps steps:
1. For re-using RESTSecurityTokenServiceImpl? implementation and not implements
RESTSecurityTokenService, I need to have methods:
public void setMessageContext(MessageContext messageContext)
public void setSecurityContext(SecurityContext securityContext)
2. Provide API
- interface with OpenAPI documentation
- requests classes
3. Provide ContainerRequestFilter and fix in UriRealmParser? for properly
manage realm name path parameter.
Provide class ExtRealmProperties for extending realm properties with RS
security properties.
4. Provide JaasAuthenticationFilter and JwtAuthenticationFilter
5. Provide new REST interface implementation
Could you please let me know what do you think and, if it is interesting for
community, I will provide PRs.
Best Regards,
Dmitry
**************************************
