[
https://issues.apache.org/jira/browse/CXF-4344?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13287324#comment-13287324
]
Colm O hEigeartaigh commented on CXF-4344:
------------------------------------------
Fix committed - see here for a sample configuration:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-transport.xml?view=markup
Colm.
> Provide simplifications and shortcuts in CXF STS configuration
> --------------------------------------------------------------
>
> Key: CXF-4344
> URL: https://issues.apache.org/jira/browse/CXF-4344
> Project: CXF
> Issue Type: Improvement
> Affects Versions: 2.6
> Reporter: Glen Mazza
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 2.6.2
>
>
> Presently STS configuration in the cxf-servlet.xml file is a bit verbose[1],
> especially if one is planning on configuring multiple STS endpoints within
> the same file. I would like to see configuration simplified a bit for those
> wishing to remain with default/common settings. In particular:
> 1.) In any SecurityTokenServiceProvider instantiation, default the values of
> issueOperation and validateOperation to
> org.apache.cxf.sts.operation.TokenIssueOperation and
> org.apache.cxf.sts.operation.TokenValidateOperation if not explicitly
> specified (same for the other operations). If concerned about hardwiring
> constant classes in such a manner, create a
> DefaultSecurityTokenServiceProvider with these defaults that people can use
> instead.
> 2.) Provide properties "stsProperties" and "services" for the
> SecurityTokenServiceProvider (perhaps other properties defined
> in AbstractOperation) that will be the default for AbstractOperation
> subclasses like TokenIssueOperation and TokenValidateOperation unless
> explicitly defined as done presently.
> 3.) For TokenIssueOperation and TokenValidateOperation, default the values of
> tokenProviders and tokenValidators to SAMLTokenProvider and
> SAMLTokenValidator unless explicitly defined as done presently.
> Such shortcuts will allow configuration to simplified from this:
> <bean id="x509STSProviderBean"
>
> class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
> <property name="issueOperation" ref="x509IssueDelegate" />
> <property name="validateOperation" ref="x509ValidateDelegate" />
> </bean>
> <bean id="x509IssueDelegate"
> class="org.apache.cxf.sts.operation.TokenIssueOperation">
> <property name="tokenProviders" ref="x509SamlTokenProvider" />
> <property name="services" ref="x509Service" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> <bean id="x509ValidateDelegate"
> class="org.apache.cxf.sts.operation.TokenValidateOperation">
> <property name="tokenValidators" ref="x509SamlTokenValidator" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> <bean id="x509SamlTokenProvider"
> class="org.apache.cxf.sts.token.provider.SAMLTokenProvider"/>
> <bean id="x509SamlTokenValidator"
> class="org.apache.cxf.sts.token.validator.SAMLTokenValidator"/>
> to this:
> <bean id="x509STSProviderBean"
>
> class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
> <property name="services" ref="x509Service" />
> <property name="stsProperties" ref="x509STSProperties" />
> </bean>
> These changes can probably all be done in a backwards-compatible manner so it
> wouldn't be necessary to wait for CXF 2.7 before implementing.
> [1]
> http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml?revision=1190520&view=markup
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
