Return-Path: Delivered-To: apmail-cxf-users-archive@www.apache.org Received: (qmail 93076 invoked from network); 1 Feb 2010 20:30:49 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 1 Feb 2010 20:30:49 -0000 Received: (qmail 72851 invoked by uid 500); 1 Feb 2010 20:30:48 -0000 Delivered-To: apmail-cxf-users-archive@cxf.apache.org Received: (qmail 72763 invoked by uid 500); 1 Feb 2010 20:30:48 -0000 Mailing-List: contact users-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cxf.apache.org Delivered-To: mailing list users@cxf.apache.org Received: (qmail 72752 invoked by uid 99); 1 Feb 2010 20:30:48 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Feb 2010 20:30:48 +0000 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [66.207.172.168] (HELO server.dankulp.com) (66.207.172.168) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Feb 2010 20:30:38 +0000 Received: by server.dankulp.com (Postfix, from userid 5000) id D58E050700B6; Mon, 1 Feb 2010 15:30:14 -0500 (EST) X-Spam-Checker-Version: SpamAssassin 3.2.1-gr2 (2007-05-02) on server.dankulp.com X-Spam-Level: X-Msg-File: /tmp/mailfilter.d5VnjNSyox Received: from dilbert.localnet (c-24-91-141-225.hsd1.ma.comcast.net [24.91.141.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by server.dankulp.com (Postfix) with ESMTPSA id 7319450700B3; Mon, 1 Feb 2010 15:30:10 -0500 (EST) From: Daniel Kulp To: users@cxf.apache.org Subject: Re: Spring Security with CXF JMS Endpoint Date: Mon, 1 Feb 2010 15:30:11 -0500 User-Agent: KMail/1.12.4 (Linux/2.6.32-gentoo; KDE/4.3.5; x86_64; ; ) Cc: johnpfeifer4 References: <27409262.post@talk.nabble.com> <201002011516.35372.dkulp@apache.org> <27410771.post@talk.nabble.com> In-Reply-To: <27410771.post@talk.nabble.com> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201002011530.11781.dkulp@apache.org> X-Virus-Checked: Checked by ClamAV on apache.org X-Old-Spam-Status: No, score=-3.5 required=3.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=unavailable version=3.2.1-gr2 On Mon February 1 2010 3:25:23 pm johnpfeifer4 wrote: > Dan, > > We have to get this done ASAP so we're willing to do the development (and > contribute). Can you tell me if this code is in the latest release > version? Yep. It's in 2.2.6. From any interceptor, you can call: SecurityContext sc = message.get(SecurityContext.class); sc.getPrincipal(); Which SHOULD have the username set on it providing the JMS provider has been setup to provide that information. Dan > > Thanks, > > John > > dkulp wrote: > > Christian recently did some updates to the JMS transport to pull the > > JMSXUserID from the JMS Message and stick that into our SecurityContext. > > You > > would probably need an interceptor that would then take that and feed > > that into the Spring security context. If you do develop some > > interceptors for > > this, we'd love to have them. :-) > > > > Dan > > > > On Mon February 1 2010 1:51:44 pm johnpfeifer4 wrote: > >> I was wondering if anyone has an example of implement spring security > >> with > >> a CXF JMS Endpoint. We currently secure all of our endpoints with the > >> element, limiting access to certain endpoints to a > >> particular role(s). > >> > >> Now we have a requirement to enforce security for JMS endpoints. It > >> seems > >> that the listener that picks it off the JMS queue would have to know > >> where > >> to find the credentials on the message. Perhaps we need to write our > >> own > >> interceptors to do this? > >> > >> I figured I would post here before I start my own investigation. Any > >> help > >> would be greatly appreciated. > >> > >> Thanks, > >> > >> John > -- Daniel Kulp dkulp@apache.org http://www.dankulp.com/blog