Hi cxf users! At my old company, when using SOAP, we were using Standards like WS-Trust including a Security Token Service to authenticate SAML Token for our users (incl. audience-uri-specific claims/role).
We used the WS-Federation Standard to let users authenticate and used WS-Trust to propagate the user's saml token across multiple applications/webservice hops. (onBehalfOf Flow). We did use SAML token issued from service accounts for backend2backend communication. Now my question is: Which of these use cases are supported (out of the box or partly supported) in cxf, based on which protocol/flows REST/OIDC/OAuth2/JWT World? I had trouble finding input specifically how to implement a onBehalfOf Flow online. If you can point me to a specific flow or how to give me hints how achieve a similar use case (or let me know if there is no standard for a certain use case) that would be awesome! greetings Raggy
