Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-4431

Add support for OAuth2 'mac' token type

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.6.1
    • Fix Version/s: 2.6.3, 2.7
    • Component/s: JAX-RS, JAX-RS Security
    • Labels:
      None
    • Estimated Complexity:
      Moderate

      Description

      CXF currently supports only the Bearer token type. This token type is not feasible for use without SSL.
      OAuth2 specs out the 'mac' token type that requires request signing for authentication using the access token. The spec is described here:
      http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01

        Attachments

        1. mac_token_nonce_checking.txt
          86 kB
          Sasi M
        2. mac_token_support.txt
          71 kB
          Sasi M

          Activity

            People

            • Assignee:
              sergey_beryozkin Sergey Beryozkin
              Reporter:
              sasidharm Sasi M
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: