There is no standard way of doing this that is currently supported in CXF. Your requirements are pretty similar to this JIRA:
https://issues.apache.org/jira/browse/CXF-3520 You essentially need to write an interceptor to carry out the two STS calls. There are two ways of doing it - you could call the STSClient Object directly in the interceptor to get the first token, and then use this token in a second call. To do this you could take a look at some of the unit tests here: https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issueunit/IssueUnitTest.java;h=4374acda261244e97bcdee60b6d79ceb38115a15;hb=HEAD The alternative is to use an IssuedToken policy in the service WSDL and get let CXF take care of getting the first SAML Token. Then have your interceptor run after the IssuedTokenOutInterceptor, retrieve the token + transform it. Colm. On Fri, Mar 14, 2014 at 11:13 AM, Alexander Savinov < [email protected]> wrote: > Hello everybody I have a problem configuring CXF. > > > > First of all the Architecture I am using is the following. > > > > I have an STS, an AdmissionTokenService (ATS) and a WebService. > > > > So my Client need to request(via x509) a SAML Token from the STS in order > to communicate with the Service. > > This works wonderfull, but in order to call the Methods from the Service > the Client also needs a SAML-Token from the ATS. > > > > So the Client needs to request a SAML Token from the STS. Use the SAML > Token to request the SAML Token 2 from the ATS. > > This is also working great, but how do I get CXF to use the SAML Token 2 in > a request to the Service. > > The SAML Token 2 should be a supporting token and the first Token is the > IssuedToken. > > > I used cxf.xml to configure this. > > > > As I could see this is not a standard configuration which I can handle with > properties in the cxf.xml > > So what is the best way to go, can I use an Interceptor for that? I am > pretty new to cxf and WebServices. > > > > Best regards > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
