Hi Sergey,
Thanks for taking the time to respond.
I was able to capture the raw headers as they passed through Fiddler (a
debugging proxy) and the successful authorization request looks like:
While the unsuccessful one generated by REST Console:
I did try to update the content type and acce
Hi
On 31/01/14 18:25, icoleman wrote:
I have a problem that has been plaguing me for several days now and was
hoping someone had run across it before.
I have a provider implemented with Spring 3 & CXF 2.6.11. I have a consumer
that's a standalone Java application making requests to the provider.
I have a problem that has been plaguing me for several days now and was
hoping someone had run across it before.
I have a provider implemented with Spring 3 & CXF 2.6.11. I have a consumer
that's a standalone Java application making requests to the provider. The
OAuth 1.0 Authorization headers on
I wouldn't have thought the basic WSSecurityException would have been
that sensitive but I haven't thought it through too much.
As an example if the username/password is wrong, I'd rather tell the
user their user/password is wrong and or their session has timed out
rather than telling the user "an
Hi Colm,
Yes, I confirm that the custom Validator is returning both a transformed token
and a principal. As you said, the custom principal is not passed to the
ClaimsHandler. However, if I set a custom transformed token, I am able to
affect the resulting NameID value.
Many thanks for looking
Hi Colm,
I tried it with ExactlyOnce, but the the the CamelContext did not start due
to parsing issues of the blueprint beans.xml.
Looking at:
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html
in section 7.1 its says:
/sp:AlgorithmSuite/wsp:Policy
This r
Hello,
I need to migrate from cxf 2.4.9 to cxf 2.7.8. I downloaded
*apache-cxf-2.7.8.zip*. When i extract it i am not able to find these two
jars *cxf-common-utilities-2.7.8.jar* and
*cxf-rt-transports-common-2.7.8.jar*.
Is these jars are renamed or moved out from 2.7.8? If so what are there
repl
There is no way of returning the actual underlying exception to the client,
as this could leak sensitive information to an attacker. Why do you need to
differentiate between different exception types on the client end?
Colm.
On Thu, Jan 30, 2014 at 7:16 PM, Ted wrote:
> Hi I'm on cxf 2.7.4,
>
Your policy formulation is invalid, as you are saying that you want both
AlgorithmSuites to be enforced. Instead you need a policy alternative,
something like:
Colm.
On Thu, Jan 30, 2014 at 6:14 PM, Kai Rommel wrote:
> Hi,
>
> I
--
* افسانه ابویی مهریزی*
10 matches
Mail list logo
