Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-5519

Setting SecurityConstants.STS_TOKEN_ACT_AS as CallbackHander requires better documentation.

    XMLWordPrintableJSON

    Details

    • Estimated Complexity:
      Unknown

      Description

      Using: cxf-tr-ws-security-2.7.8

      The current documentation states that SecurityConstants.STS_TOKEN_ACT_AS
      declared with "a CallbackHandler object to use to obtain the token"

      A very specific CallbackHandler implementation is required. It MUST be
      an implementation that supports processing DelegationCallback as input and
      generating a org.w3c.dom.Element.

      Existing examples are
      org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler
      org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler

      The code in org.apache.cxf.ws.security.trust.AbstractSTSClient requires this.

      814 DelegationCallback callback = new DelegationCallback(message);
      815 ((CallbackHandler)delegationObject).handle(new Callback[]

      {callback}

      );
      816 return callback.getToken();

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              rsearls Rebecca Searls
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: