[jira] [Updated] (CXF-5519) Setting SecurityConstants.STS_TOKEN_ACT_AS as CallbackHander requires better documentation.

Thu, 23 Jan 2014 13:46:33 -0800 

     [ 
https://issues.apache.org/jira/browse/CXF-5519?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Rebecca Searls updated CXF-5519:
--------------------------------

    Component/s: Documentation
    Description: 
Using: cxf-tr-ws-security-2.7.8

The current documentation states that SecurityConstants.STS_TOKEN_ACT_AS
declared with "a CallbackHandler object to use to obtain the token"

A very specific CallbackHandler implementation is required.  It MUST be
an implementation that supports processing DelegationCallback as input and
generating a org.w3c.dom.Element.
  
Existing examples are 
    org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler 
    org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler
    

The code in org.apache.cxf.ws.security.trust.AbstractSTSClient requires this.

814     DelegationCallback callback = new DelegationCallback(message);
815     ((CallbackHandler)delegationObject).handle(new Callback[]{callback});
816     return callback.getToken();



  was:

Using: cxf-tr-ws-security-2.7.8

The current documentation states that SecurityConstants.STS_TOKEN_ACT_AS
declared with "a CallbackHandler object to use to obtain the token"

A very specific CallbackHandler implementation is required.  It MUST be
an implementation that supports processing DelegationCallback as input and
generating a org.w3c.dom.Element.
  
Existing examples are 
    org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler 
    org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler
    

The code in org.apache.cxf.ws.security.trust.AbstractSTSClient requires this.

814     DelegationCallback callback = new DelegationCallback(message);
815     ((CallbackHandler)delegationObject).handle(new Callback[]{callback});
816     return callback.getToken();




> Setting SecurityConstants.STS_TOKEN_ACT_AS as CallbackHander requires better 
> documentation.
> -------------------------------------------------------------------------------------------
>
>                 Key: CXF-5519
>                 URL: https://issues.apache.org/jira/browse/CXF-5519
>             Project: CXF
>          Issue Type: Improvement
>          Components: Documentation, JAX-RS Security
>    Affects Versions: 3.0.0-milestone1, 2.7.8
>            Reporter: Rebecca Searls
>
> Using: cxf-tr-ws-security-2.7.8
> The current documentation states that SecurityConstants.STS_TOKEN_ACT_AS
> declared with "a CallbackHandler object to use to obtain the token"
> A very specific CallbackHandler implementation is required.  It MUST be
> an implementation that supports processing DelegationCallback as input and
> generating a org.w3c.dom.Element.
>   
> Existing examples are 
>     org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler 
>     org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler
>     
> The code in org.apache.cxf.ws.security.trust.AbstractSTSClient requires this.
> 814     DelegationCallback callback = new DelegationCallback(message);
> 815     ((CallbackHandler)delegationObject).handle(new Callback[]{callback});
> 816     return callback.getToken();



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to