cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin" <sergey.beryoz...@iona.com>
Subject Re: HTTP Basic Authentication Is there hope?
Date Mon, 12 Feb 2007 09:59:52 GMT
Hi


> The current way http auth is set up in CXF is to use Spring 
> configuration to on HTTPConduit, like so in a file like "client.xml".
> 
>    <bean 
> name="{http://apache.org/hello_world_soap_http}Greeter.http-conduit" 
> abstract="true">    
>        <property name="authorization">
>            <value>
>                <sec:authorization>
>                    <sec:UserName>Polar</sec:UserName>
>                    <sec:Password>querty</sec:Password>
>                </sec:authorization>
>            </value>
>        </property>
>    </bean>
> 
> This approach looks less like "having security" and more like "getting 
> around the *problem* of security".
> 

Why don't have a simple interface like AuthorizationProvider ot something like that :

             <sec:authorization>
                    <sec:provider>AuthorizationProviderImpl</sec:provider>
              </sec:authorization>

and then have to analyze whatever info you can provider it and give you the required credentials
?

Cheers, Sergey


Mime
View raw message