cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache CXF Documentation > Security
Date Wed, 22 Dec 2010 16:54:00 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1810/9/1/_/styles/combined.css?spaceKey=CXF20DOC&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Security">Security</a></h2>
    <h4>Page <b>edited</b> by             <a href="https://cwiki.apache.org/confluence/display/~sergey_beryozkin">Sergey
Beryozkin</a>
    </h4>
        <br/>
                         <h4>Changes (2)</h4>
                                 
    
<div id="page-diffs">
            <table class="diff" cellpadding="0" cellspacing="0">
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >h1. Authentication <br> <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">Container
or Spring Security managed authentication as well as the custom authentication are all the
viable options used by CXF developers. <br> <br>Starting from CXF 2.3.2 and 2.4.0
it is possible to use an org.apache.cxf.interceptor.security.JAASLoginInterceptor in order
to authenticate a current user and populate a CXF SecurityContext. <br> <br></td></tr>
            <tr><td class="diff-unchanged" >h1. Authorization <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">
<br>Container or Spring Security managed authorization as well as the custom authorization
are all the viable options used by CXF developers. <br> <br>CXF 2.3.2 and 2.4.0
introduce org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor and org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor
interceptors which can help with enforcing the authorization rules. <br></td></tr>
        </table>
</div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <span style="font-size:2em;font-weight:bold"> Securing CXF Services </span>

<div>
<ul>
    <li><a href='#Security-Securetransports'>Secure transports</a></li>
<ul>
    <li><a href='#Security-HTTPS'>HTTPS</a></li>
</ul>
    <li><a href='#Security-WSSecurity'>WS-* Security</a></li>
    <li><a href='#Security-Authentication'>Authentication</a></li>
    <li><a href='#Security-Authorization'>Authorization</a></li>
</ul></div>

<h1><a name="Security-Securetransports"></a>Secure transports</h1>

<h2><a name="Security-HTTPS"></a>HTTPS</h2>

<p>Please see the <a href="http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html"
class="external-link" rel="nofollow">Configuring SSL Support</a> page for more information.</p>

<h1><a name="Security-WSSecurity"></a>WS-* Security</h1>

<p>Please see the <a href="http://cxf.apache.org/docs/ws-support.html" class="external-link"
rel="nofollow">WS-* Support</a> page for more information.</p>

<h1><a name="Security-Authentication"></a>Authentication</h1>

<p>Container or Spring Security managed authentication as well as the custom authentication
are all the viable options used by CXF developers.</p>

<p>Starting from CXF 2.3.2 and 2.4.0 it is possible to use an org.apache.cxf.interceptor.security.JAASLoginInterceptor
in order to authenticate a current user and populate a CXF SecurityContext.</p>

<h1><a name="Security-Authorization"></a>Authorization</h1>

<p>Container or Spring Security managed authorization as well as the custom authorization
are all the viable options used by CXF developers.</p>

<p>CXF 2.3.2 and 2.4.0 introduce org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor
and org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor interceptors which can
help with enforcing the authorization rules.</p>
    </div>
        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
        </div>
        <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Security">View
Online</a>
        |
        <a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=24190972&revisedVersion=2&originalVersion=1">View
Changes</a>
                |
        <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Security?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message