An STS JAAS LoginModule for Apache CXF
21 hours ago

By Colm O hEigeartaigh
Last year I blogged about how to use JAAS with Apache CXF, and the different LoginModules that were available. Recently, I wrote another article about using a JDBC LoginModule with CXF. This article will cover a relatively new JAAS LoginModule  added to CXF for the 3.0.3 release. It allows a service to dispatch a Username and Password to a STS (Security Token Service) instance for authentication via the WS-Trust protocol, and also to retrieve ...
Continue reading →

Apache Karaf Tutorial part 10 - Declarative services
23 hours ago

By Christian Schneider

Blog post edited by Christian Schneider

This tutorial shows how to use Declarative Services together with the new Aries JPA 2.0.

You can find the full source code on github Karaf-Tutorial/tasklist-ds

Declarative Services

Declarative Services (DS) is the biggest contender to blueprint. It is a slim service injection framework that is completely focused on OSGi. DS allows you to ...


Continue reading →

Apache Karaf Tutorial Part 8 - Distributed OSGi
1 day ago

By Christian Schneider

Blog post edited by Christian Schneider - "Updated to karaf 3.0.3 and cxf dosgi 1.6.0"

By default OSGi services are only visible and accessible in the OSGi container where they are published. Distributed OSGi allows to define services in one container and use them in some other (even over machine boundaries).

For this tutorial we use the DOSGi sub project of CXF which ...


Continue reading →

A new Crypto implementation in Apache WSS4J
1 day ago

By Colm O hEigeartaigh
Apache WSS4J uses the Crypto interface to get keys and certificates for asymmetric encryption/decryption and signature creation/verification. In addition, it also takes care of verifying trust in an X.509 certificate used to sign some portion of the message. WSS4J currently ships with three Crypto implementations:
  • Merlin: The standard implementation, based around two JDK keystores for key/cert retrieval, and trust verification.
  • CertificateStore: Holds ...

Continue reading →

Using AWS KMS with Apache CXF to secure passwords
4 days ago

By Colm O hEigeartaigh
The previous tutorial showed how the AWS Key Management Service (KMS) can be used to generate symmetric encryption keys that can be used with WS-Security to encrypt and decrypt a service request using Apache CXF. It is also possible to use the KMS to secure keystore passwords for asymmetric encryption and signature, that are typically stored in properties files when using WS-Security with Apache CXF.

1) Encrypting passwords in a Crypto properties file

...
Continue reading →
More Articles

Pages

Subscribe to Talend Community Coders aggregator