cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Freeman Fang <>
Subject Re: Authentication / Authorization with with http jetty transport in standalone mode
Date Thu, 25 Nov 2010 13:32:44 GMT
To enable server side HTTP Basic Auth, we need an interceptor to do  
it,  the basic idea is extract AuthorizationPolicy from the incoming  
message and compare the username/password, but it's not so  
complicated, here is a good article[1] to show how to do it.

Or another way to configure server side basic auth could be configure  
the jetty instance to handle the authentication,  as Jetty has a  
"SecurityHandler" that can be configured into the handlers via CXF  

Hope this helps.

On 2010-11-25, at 下午8:51, Schneider Christian wrote:

> Hi all,
> I already know how to configure security in a servlet environment  
> but the service uses the built in jetty to open the http port. I  
> have not yet found any information on how to set up authentication /  
> authorization in this case.
> In my case basic auth against a static set of usernames / passwords  
> would be enough for authentication.
> For authorization a static group would be ok. Ideal would be to get  
> the group from LDAP.
> Can I simply do these configs in the jetty instance somehow?
> Best regards
> Christian
> Christian Schneider
> Informationsverarbeitung
> Business Solutions
> Handel und Dispatching
> Tel : +49-(0)721-63-15482
> EnBW Systeme Infrastruktur Support GmbH
> Sitz der Gesellschaft: Karlsruhe
> Handelsregister: Amtsgericht Mannheim ‑ HRB 108550
> Vorsitzender des Aufsichtsrats: Dr. Bernhard Beck
> Geschäftsführer: Jochen Adenau, Hans-Günther Meier

Freeman Fang


Apache Servicemix:
Apache Cxf:
Apache Karaf:
Apache Felix:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message