On Thu February 4 2010 9:31:06 am marlonguerios wrote: > Hi people, I guess the answer for my question is "no", but I would like to > hear from you if it really isn't possible to create a security token > service using CXF and what would be your suggestions for such a project.
Well, I wouldn't say it's impossible. After all, an STS is pretty much a SOAP service. It's just not an "easy automatic" thing yet. You probably could use a "Provider<Source>" type service to implement the STS. It wouldn't be easy as you would need to deal with the whole soap:body contents, but it would work. CXF could handle all the security stuff (via the security policy implementation). Like I said, not really "ideal". I honestly haven't had time yet to look at Metro or anything yet to see how they do it. -- Daniel Kulp [email protected] http://www.dankulp.com/blog
