Thanks for response. Yeah read jaxrs Oauth2 documentation. It is really what i need :) On Apr 10, 2014 11:44 PM, "Andrei Shakirin [via CXF]" < ml-node+s547215n5742669...@n5.nabble.com> wrote:
> Hi, > > I am redirecting the question into user list, if you don't mind. > > I think OAuth 2.0 client credentials could be elegant solution for this > case (https://cxf.apache.org/docs/jax-rs-oauth2.html). > You will be able to authenticate client first time with HTTP basic > credentials against OAuth Authentication Service (authentication can be > JAAS based) and issue AccessToken (and RefreshToken). > For further call Resource Service will validate AccessToken and you don't > need to send HTTP basic credentials anymore. > > Second option is using SAML authentication token and STS with JAAS > extension, but this is more involved ( > https://cxf.apache.org/docs/jax-rs-saml.html ). > > Does it make sense for you? > > Regards, > Andrei. > > > -----Original Message----- > > From: Honey Goyal [mailto:[hidden > > email]<http://user/SendEmail.jtp?type=node&node=5742669&i=0>] > > > Sent: Donnerstag, 10. April 2014 10:06 > > To: [hidden email]<http://user/SendEmail.jtp?type=node&node=5742669&i=1> > > Subject: Secure CXF rsServer with Jaas authentication > > > > Hi, > > > > I am newbie to CXF. I have configured CXF JAASAuthenticationFilter to > > authenticate by jaas realm to each rest call. But each time i had to > pass Basic > > Authenticate header to authenticate it. Can i configure any token based > login > > along with JAAS? So that only first time it authenticate with jaas and > return any > > auth token. Next time only i need that auth token to make call from > client side. > > > > This is my working blueprint > > > > <?xml version="1.0" encoding="UTF-8"?> > > <blueprint > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > > xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0" > > xmlns:camel="http://camel.apache.org/schema/blueprint" > > xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf" > > xmlns:cm=" > http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0" > > xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs" > > xsi:schemaLocation=" > > http://www.osgi.org/xmlns/blueprint/v1.0.0 > > http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd > > http://camel.apache.org/schema/blueprint/cxf > > http://camel.apache.org/schema/blueprint/cxf/camel-cxf.xsd > > http://cxf.apache.org/blueprint/jaxrs > > http://cxf.apache.org/schemas/blueprint/jaxrs.xsd > > http://camel.apache.org/schema/blueprint > > http://camel.apache.org/schema/blueprint/camel-blueprint.xsd" > > > > > <cm:property-placeholder persistent-id="com.xxxx.cp.securitytoken"> > > <cm:default-properties> > > <cm:property name="myapp.api.url" > > value="http://localhost:80/v1" /> > > </cm:default-properties> > > </cm:property-placeholder> > > > > <cxf:rsServer id="rsServer" address="/security" > > serviceClass="com.xxxx.cp.securitytoken.SecurityTokenServiceImpl"> > > <cxf:providers> > > <ref component-id="authorizationFilter"/> > > </cxf:providers> > > </cxf:rsServer> > > > > < bean id="authorizationFilter" > > class="org.apache.cxf.jaxrs.security.JAASAuthenticationFilter"> > > Name of the JAAS Context > > <property name="contextName" value="myRealm"/> > > </bean> > > > > <camelContext xmlns="http://camel.apache.org/schema/blueprint" > > id="security"> > > <route> > > <from uri="cxfrs://bean://rsServer"/> > > <to uri="{{myapp.api.url}}?bridgeEndpoint=true" /> > > </route> > > </camelContext> > > > > </blueprint> > > > > > > > > -- > > View this message in context: > http://cxf.547215.n5.nabble.com/Secure-CXF- > > rsServer-with-Jaas-authentication-tp5742659.html > > Sent from the cxf-dev mailing list archive at Nabble.com. > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > > http://cxf.547215.n5.nabble.com/Secure-CXF-rsServer-with-Jaas-authentication-tp5742659p5742669.html > To unsubscribe from Secure CXF rsServer with Jaas authentication, click > here<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=5742659&code=ZXIuaG9uZXkyMDEyQGdtYWlsLmNvbXw1NzQyNjU5fC0xOTIzNzA4OTQ=> > . > NAML<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > -- View this message in context: http://cxf.547215.n5.nabble.com/Secure-CXF-rsServer-with-Jaas-authentication-tp5742659p5742697.html Sent from the cxf-dev mailing list archive at Nabble.com.