Return-Path: X-Original-To: apmail-cxf-users-archive@www.apache.org Delivered-To: apmail-cxf-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D15B76155 for ; Tue, 14 Jun 2011 10:30:22 +0000 (UTC) Received: (qmail 35791 invoked by uid 500); 14 Jun 2011 10:30:22 -0000 Delivered-To: apmail-cxf-users-archive@cxf.apache.org Received: (qmail 35716 invoked by uid 500); 14 Jun 2011 10:30:22 -0000 Mailing-List: contact users-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cxf.apache.org Delivered-To: mailing list users@cxf.apache.org Received: (qmail 35706 invoked by uid 99); 14 Jun 2011 10:30:22 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Jun 2011 10:30:22 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,RFC_ABUSE_POST,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of angelo.zerr@gmail.com designates 209.85.216.41 as permitted sender) Received: from [209.85.216.41] (HELO mail-qw0-f41.google.com) (209.85.216.41) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Jun 2011 10:30:18 +0000 Received: by qwa26 with SMTP id 26so3578145qwa.0 for ; Tue, 14 Jun 2011 03:29:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=HwtAvVhkKu7daY6StzaTRQmmNFmGcI4xp+kPjXgZCEM=; b=xVWAwD9GB6H5FYS4akHi/gXStosdcu0KWl8slDpG1AqqCC/P7Jj8UeHuZdvtqBLC/t Z+geSoE3Unz4HekVOBj/TJ3CDHhEd+nq5kCzU1h1mgtLYF2O7cWcjDGaugRF7pXnSkOg VctfeZKYAv4NGO3hObCtvT3VEC1HGKXBiedDg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=QY9wkVyXvPnA0ON5p+RU+T4J6bKnypdL011VLBXif3f81DDzO7dCsqKGeR7X8WwYSm MyEWMEDRGVv1P+uK7KgxFFi8rFEtiTW74OtSYYYQXOBQ5vdATpL32f/PlDLLhPkuGLIQ t8+/tKrZm9r1p5hyHn9Jb8/IsM9QJ7msfbn/I= MIME-Version: 1.0 Received: by 10.224.183.78 with SMTP id cf14mr4891748qab.396.1308047396760; Tue, 14 Jun 2011 03:29:56 -0700 (PDT) Received: by 10.224.74.74 with HTTP; Tue, 14 Jun 2011 03:29:56 -0700 (PDT) In-Reply-To: <4DF735A5.6020106@die-schneider.net> References: <4DF735A5.6020106@die-schneider.net> Date: Tue, 14 Jun 2011 12:29:56 +0200 Message-ID: Subject: Re: HTTP Basic CXF Interceptor with BasicAuthAuthorizationInterceptor From: Angelo zerr To: users@cxf.apache.org Content-Type: multipart/alternative; boundary=20cf303b39ad6eea8604a5a984b2 --20cf303b39ad6eea8604a5a984b2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi Christian , Thank a lot for your information. In my case I'm using Tomcat and WebSphere but Authentification must be delegate to our own security manager. That's why I need to manage basic autnetification. I don't use Spring to publish m= y webservice (just with Java code with Endpoint#publish). Regards Angelo 2011/6/14 Christian Schneider > Hi Angelo, > > do you run your service in Tomcat or standalone? If you run in tomcat or > any similar servlet container you can setup authnentication and > authorization using the container. Then CXF > will fetch the authenticated principal which you can use in CXF. For > example you can combine this with spring security to do role based > authentication on method level. If you only need authentication based on = the > url of the endpoint then the features of the container are often even > enough. > > So for many use cases you don=B4t need a special interceptor. > > We have an example how to secure a cxf service using camel and spring > security in the Talend Integration Factory examples: > https://github.com/Talend/tif/tree/master/examples/spring-security > > Like said this example also includes camel so it is not exactly what you > want but I think it can be adapted to use cxf only. The main thing is sim= ply > to make sure the spring security authentication is done and to wire in th= e > processing of jsr 250 annotations. > > This does the spring authentication: > > > springSecurityFilterChain > > org.springframework.web.filter.DelegatingFilterProxy > > > springSecurityFilterChain > /* > > > > > This enables annotation processing by spring: > > http://www.springframework.org/schema/security"/> > > > > Best regards > > Christian > > > Am 13.06.2011 17:34, schrieb Angelo zerr: > > Hi CXF Team, >> >> I would like to manage WebService with HTTP Basic CXF Interceptor and I >> have >> not found this interceptor in the CXF. So I have used the great code fro= m >> >> http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authenticatio= n/and >> it works great. >> I have noticed that some projects like >> >> http://code.google.com/p/fenius/source/browse/trunk/fenius-util/src/main= /java/is/glif/fenius/util/BasicAuthAuthorizationInterceptor.java?r=3D111hav= e >> used this code and I tell me why CXF doesn't include the >> BasicAuthAuthorizationInterceptor class? >> >> I have modified BasicAuthAuthorizationInterceptor to delegate >> user/password >> to another interface implementation and if you wish I could send you my >> work >> and tell to the author of the BasicAuthAuthorizationInterceptor if he is >> OK >> to contribute to CXF. >> >> Thank a lot for your answer. >> >> Regards Angelo >> >> > > -- > -- > Christian Schneider > http://www.liquid-reality.de > > Open Source Architect > Talend Application Integration Division http://www.talend.com > > --20cf303b39ad6eea8604a5a984b2--