Hi
The current way http auth is set up in CXF is to use Spring
configuration to on HTTPConduit, like so in a file like "client.xml".
<bean
name="{http://apache.org/hello_world_soap_http}Greeter.http-conduit";
abstract="true">
<property name="authorization">
<value>
<sec:authorization>
<sec:UserName>Polar</sec:UserName>
<sec:Password>querty</sec:Password>
</sec:authorization>
</value>
</property>
</bean>
This approach looks less like "having security" and more like "getting
around the *problem* of security".
Why don't have a simple interface like AuthorizationProvider ot something like
that :
<sec:authorization>
<sec:provider>AuthorizationProviderImpl</sec:provider>
</sec:authorization>
and then have to analyze whatever info you can provider it and give you the
required credentials ?
Cheers, Sergey
