cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From krishmn <>
Subject Is there any out of box interceptor for authenticating webservices (WS-Security) ?
Date Mon, 22 Sep 2008 22:32:28 GMT



We are trying to integrate CXF with Spring security for webservices and
using UserNameToken Profile for WS-Security.

Right now I'm writing the WSCallbackHandler to handle the "UserNameToken"
profile and authenticate against the spring secuirty by injecting

Is there a "WS-SecurityIntercetor" similar to "WSS4JInInterceptor" which I
can use to inject the authentication mechanisam and as well as different
security profiles so that it would be done automatically for me?

<bean id="serverPasswordCallback"
<property name="authenticationManager" ref="authenticationManager"/>

<bean id="wss4jInConfiguration"
class=" erceptor">
<property name="properties">
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordText" />
<ref bean="serverPasswordCallback"/>

<jaxws:endpoint id="helloWorldEndpoint" implementor="#helloWorld"
address="/HelloWorld" >
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInte rceptor" />
<ref bean="wss4jInConfiguration"/>


View this message in context:
Sent from the cxf-dev mailing list archive at

View raw message