Hello, My company is looking to implement an electronic signing solution based on an external service provider. This service provider provides a set of REST services which require OAuth 1.0a authentication/authorization. They don't support 3-leg flow at all, they don't recommend to use 2-leg, but only 1-leg.
Looking at the CXF documentation, I found these two pages: http://cxf.apache.org/docs/cxf-oauth-10.html, http://cxf.apache.org/docs/jax-rs-oauth.html, but it is still difficult to get an idea of what CXF proposes as far as OAuth 1.0a is concerned, and more specifically 1-leg flow. Additionally, the links on these pages are broken such that it is not possible to download neither CXF OAuth 1.0 Extension, as proposed, nore the samples OAuth Demo Server and OAuth Demo Client. Last but not least, our REST clients supposed to use OAuth 1.0a will run as Java EE components deployed on WebSphere 9.0.0.3 which comes with Apache 3.0.3. We don't have the option to use another release of Apache CXF than the one comming with WebSphere. And customizing Apache CXF 3.0.3 in WebSphere is probably difficult or not possible given that it comes bundled in a quite rigid way. So my questions are: what options would we have here ? Is it possible to use Apache CXF for these purposes and, if yes, how ? Where can I find examples of JAX-RS clients ? And how to download and install the required extensions in the already bundles CXF on WebSphere ? Many thanks in advance, for your help. Kind regards, Nicolas -- View this message in context: http://cxf.547215.n5.nabble.com/Using-OAuth-1-0a-with-JAX-RS-CXF-tp5780889.html Sent from the cxf-user mailing list archive at Nabble.com.
