cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jeremy.kittel" <jeremy.kit...@mediabeacon.com>
Subject Dynamic Enable/Disable
Date Tue, 28 Apr 2015 16:49:15 GMT
I've a question about Fediz. I'm currently using to protect a jetty
web application and wondering if it is possible to enable/disable
Fediz authentication dynamically?


For instance I've configured jetty to use a security handler


depicted in code below:

SecurityHandler aSecurityHandler = new ConstraintSecurityHandler();
aSecurityHandler.setRealmName(null);
LoginService aLoginService = new FederationLoginService("WSFED");
aSecurityHandler.setLoginService(aLoginService);
FederationAuthenticator aAuthenticator = new FederationAuthenticator();
aAuthenticator.setConfigFile(aJettyHome + File.separator +  "contexts"
+ File.separator + "fediz_config.xml");
aSecurityHandler.setAuthenticator(aAuthenticator);
myWebApplicationContext.setSecurityHandler(aSecurityHandler);
myWebApplicationContext.addOverrideDescriptor(aJettyHome +
File.separator + "etc" + File.separator + "override-web.xml");


This I'd like to be able to bypass fediz authentication in some cases
and fall back to our application level authentication vs the webserver
authentication.

Is this at all possible?

Please advise



--
View this message in context: http://cxf.547215.n5.nabble.com/Dynamic-Enable-Disable-tp5756690.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message