Hi On Thu, Aug 4, 2011 at 9:53 AM, onesandtwos <[email protected]> wrote: > Hi, > > I'm new to CXF and trying to integrate with Microsoft Dynamics 2011 Online, > to their Discovery and Organization services. These require claims > authentication and getting of a token from Live ID. > > Since i'm new to practically everything to do with this :), I was wondering > if anyone had any experience with this, how to go about it, some examples, > how to set it up... Starting advice would be welcome :) > > I've proxied the WSDL's successfully and now need to figure out how much > custom code I need to write for Authentication/Authorization or what I can > use from within CXF. >
Colm's blog is probably the best place to start, see the latest two entries: http://coheigea.blogspot.com/ I think you can use custom Validators to extract claims from SAML assertions and do the authentication. However, I'm not sure if it is possible to do Authorization as well. We've discussed this issue earlier on and JIRA is opened. At the moment I'm working on some system security tests for JAX-RS and experimenting with SAML-driven authorization is on my map. I hope we can get a dedicated CXF security module introduced soon enough which will contain the code which can be shared by WS and RS endpoints, with claims (SAML-based for a start) authorization utility code being there too. In meantime it may be possible to write a custom CXF interceptor which will use WSS4J results and do some custom authorization... Cheers, Sergey -- Sergey Beryozkin http://sberyozkin.blogspot.com Talend - http://www.talend.com
