cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jeremy.kittel" <>
Subject Dynamic Enable/Disable
Date Tue, 28 Apr 2015 16:48:30 GMT
I've a question about Fediz. I'm currently using to protect a jetty
web application and wondering if it is possible to enable/disable
Fediz authentication dynamically?

For instance I've configured jetty to use a security handler

depicted in code below:

SecurityHandler aSecurityHandler = new ConstraintSecurityHandler();
LoginService aLoginService = new FederationLoginService("WSFED");
FederationAuthenticator aAuthenticator = new FederationAuthenticator();
aAuthenticator.setConfigFile(aJettyHome + File.separator +  "contexts"
+ File.separator + "fediz_config.xml");
myWebApplicationContext.addOverrideDescriptor(aJettyHome +
File.separator + "etc" + File.separator + "override-web.xml");

This I'd like to be able to bypass fediz authentication in some cases
and fall back to our application level authentication vs the webserver

Is this at all possible?

Please advise

View this message in context:
Sent from the cxf-dev mailing list archive at

View raw message