Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to Enable Spring Security for Apache-CXF JAX-WS

How can I enable Spring Security for apache JAX-WS at Apache-CXF? Examples at web includes Jax-RS examples but I don't use Jax-RS. I don't want to use cxf's security. How can implement it at my code?

like image 682
kamaci Avatar asked Jun 11 '12 05:06

kamaci


Video Answer


1 Answers

Two potential ways:

  1. Put a BasicAuthenticationFilter or DigestAuthenticationFilter in front of your CXF Servlet.

  2. Use a WS-Security UsernamePasswordToken with CXF and write a CallbackHandler that a) creates a UsernamePasswordAuthenticationToken, b) calls authenticationManager.authenticate() and c) stores the authentication in the SecurityContextHolder.

Note that the above doesn't cover the concept of logout since login sessions are generally implemented with cookies and the above are stateless approaches. If you really need logout then you should consider using OAuth because you can implement logout by invalidating access tokens.

like image 145
sourcedelica Avatar answered Nov 02 '22 23:11

sourcedelica