[
https://issues.apache.org/jira/browse/CXF-3733?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13083038#comment-13083038
]
Sergey Beryozkin commented on CXF-3733:
---------------------------------------
wss4j dependency will be needed - I think this is OK given that WSS4J has a lot
of fine code to do with all sort of subtle security issues - so reusing some of
that code when possible in context of non-SOAP requests seems perfectly ok to me
> Introduce rt/rs/security/xml module
> -----------------------------------
>
> Key: CXF-3733
> URL: https://issues.apache.org/jira/browse/CXF-3733
> Project: CXF
> Issue Type: Task
> Components: JAX-RS
> Affects Versions: 2.5
> Reporter: Sergey Beryozkin
> Assignee: Sergey Beryozkin
> Fix For: 2.5
>
>
> rt/rs/security/xml module should host the code to do with XML security:
> signature and encryption.
> it may also host SAML related code simply because SAML assertions are in XML
> format and they can have XML signatures and
> in principle - encrypted as part of XML payload.
> the idea of using rt/rs/security/*xml* is also about adding in due time
> support for non-XML security, ex, smime, some OAuth and OpendId helpers,
> Salmon (?), CAS, etc - the list is quite open ended
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
