On 05/11/14 21:50, rareddy wrote:
Basically I am working on a data integration project that gets data from
various sources and integrates them. This is in a JEE env. The user logs
into our app using JAAS, now I need to make client calls to SAML & OAuth2
backed web services to retrieve the data.
Two usecases here are, configure cxf to make the client calls ignoring the
logged subject and establishing new identity,
the next is delegation, where
some how use/decorate logged in subject's credentials to make necessary
calls that avoids extra authentication.
If you'd like me to help somehow please spend more time on explaining
the bigger picture/relationship between the various parties. I can not
recommend what can be done at the CXF level by trying to read between
the above lines :-)
In the former case it is not clear to me what do you mean by a client
establishing a new identity, or more precisely how does it relate to the
CXF supporting SAML.
In the latter case I can only suggest what I already said, we can
consider enhancing the relevant code if you have another idea of how
this can be done and CXF won't offer a proper approach for that
Cheers, Sergey
Thanks
Ramesh..
--
View this message in context:
http://cxf.547215.n5.nabble.com/JAX-RS-Client-to-handle-SAML-OAuth2-in-SSO-tp5750699p5750771.html
Sent from the cxf-user mailing list archive at Nabble.com.
