Hi, CXF security runtime already has caching mechanism for security tokens received from STS (as well as in STS service itself). Look following Colm's blog for details: http://coheigea.blogspot.de/2012/04/security-token-caching-in-apache-cxf-26_25.html.
Firstly you can try existing functionality. If it doesn't fit your requirements for any reason, it is still possible to extend the CXF caching or explicitly get security token from STS, inject it into SOAP header and organize own caching, but it is definitely more work. Cheers, Andrei. > -----Original Message----- > From: patch_78 [mailto:[email protected]] > Sent: Sonntag, 14. April 2013 02:11 > To: [email protected] > Subject: How to call STS directly and cache security token > > Hi, > > I read an very good example to use STS at > http://www.jroller.com/gmazza/entry/cxf_sts_tutorial. But it seems every > time client calls a service the client must request a security token from STS > first, even though client requested/got security token before. > > > My question is : is it possible that client calls STS directly and stores a > security > token got from STS in tokenstore ?? This security token will be used later > when client calls web services, and client does not need to request security > tokens again. > Any suggestions / examples ? > > Thank you in advance! > patch > > > > > > -- > View this message in context: http://cxf.547215.n5.nabble.com/How-to-call- > STS-directly-and-cache-security-token-tp5726259.html > Sent from the cxf-user mailing list archive at Nabble.com.
