I've added a couple of tests which show how to use WS-Trust without configuring the client with the URL or service/port names of the STS. The first test the client is just configured with the policy of the STS + gets the other details from the WSDL of the service. The second the client uses WS-MEX to get the WSDL from the STS directly.
http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issuer/ http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/issuer/ Colm. On Wed, Nov 6, 2013 at 6:45 PM, Andrei Shakirin <ashaki...@talend.com>wrote: > Hi, > > > Yes. I don't want to have, client side, any configuration . I want to > use only > > the informations obtained from the MEX call to the service. > > MetadataExchange is supported by CXF. You could obtain service WSDL with > WS policies using MEX on the client side. > This system test can be used as a basis: > https://svn.apache.org/repos/asf/cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/mex/MEXTest.java > > Regards, > Andrei. > > > -----Original Message----- > > From: Emiliano Carlesi [mailto:emiliano.carl...@itattitude.com] > > Sent: Mittwoch, 6. November 2013 11:57 > > To: users@cxf.apache.org > > Cc: Andrei Shakirin; Emiliano Carlesi > > Subject: RE: Newbie question > > > > Hi Andrei, > > > > As first, thanks for your replies. > > > > Yes. I don't want to have, client side, any configuration . I want to > use only > > the informations obtained from the MEX call to the service. > > > > Again, thanks :-) > > > > Ciao > > > > Emiliano Carlesi > > > > > > -----Original Message----- > > From: Andrei Shakirin [mailto:ashaki...@talend.com] > > Sent: Wednesday, November 6, 2013 11:52 AM > > To: users@cxf.apache.org > > Cc: Emiliano Carlesi > > Subject: RE: Newbie question > > > > Hi, > > > > Just re-reading your message, would you like that WS-Policy with security > > assertions is not stored locally by the client, but will be retrieved > from the > > service? > > > > Regards, > > Andrei. > > > > > -----Original Message----- > > > From: Emiliano Carlesi [mailto:emiliano.carl...@itattitude.com] > > > Sent: Dienstag, 5. November 2013 13:06 > > > To: users@cxf.apache.org > > > Cc: Emiliano Carlesi > > > Subject: Newbie question > > > > > > Hi All, > > > I'm new to CXF so this question could be stupid... Please be patient > > > :) > > > > > > I read the CXF book, some tutorials and many articles. I doubt, > > > however, remains :( > > > > > > I have a WSP under WS-Trust, so the WSC when invoke it need to attach > > > a valid token. > > > I see many example and in all of these I see the client "know" the STS > > > because configuration its configured on the client side. > > > I don't want to configure the policies in the client. I want to use > > > the WSP contract :) > > > > > > I'd like the WSC do a MEX call to the WSP to discover which policies > > > it must implements. When found a required token policy, the WSC must > > > use the address in "sp:Issuer" -> "wsaw:Address" to know which STS use. > > > > > > I think CXF don't work like this "out of the box". It's right? > > > > > > Thank you :) > > > > > > Ciao > > > > > > Emiliano Carlesi > > > > > > Email: > > > emiliano.carl...@itattitude.com<mailto:emiliano.carl...@itattitude.com > > > > > > > Mobile: +39 3487837153 > > > Phone: +39 0650939115 > > > Fax: +39 0689284365 > > > Skype: emiliano.carlesi > > > Lync: > > > emiliano.carl...@itattitude.com<mailto:emiliano.carl...@itattitude.com > > > > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com