cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Schneider <>
Subject Re: Using Spring JSR-250 based Authorization but not Authentication
Date Tue, 15 Sep 2009 22:01:01 GMT
I guess you will need some kind of spring security authentication. At 
least so far that spring security knows the authenticated principal. How 
else should it do the authorisation.



HamletDRC schrieb:
> I have a set of CXF services I want to have authorization provided on based
> on Spring Security and the JSR-250 annotations. I do _not_ want to use the
> Spring Authentication mechanisms... for authentication I have the
> WSS4JInInterceptor and am quite happy with it. 
> Does anyone know how to use just the Spring authorization in CXF? 
> It should be as easy as adding this line of XML config to cxf.xml: 
> 	<security:global-method-security jsr250-annotations="enabled"/>
> But when I do that I get bean not found errors for the
> "_authenticationManager" bean. I don't want to specify an authentication
> manager, I just want to specify an AccessDecisionManager. 
> Any ideas on reference material? I read the Spring Security user guide but
> didn't feel like I knew what to do. 
> Thanks, 
> Hamlet D'Arcy
> -----
> --
> Hamlet D'Arcy

View raw message