I don't know a lot about acegi, but if you are only talking about
propagating a WS-Security UnsernameToken through a SOAP wss:Security
header, then yes, CXF is perfectly capable of doing this.
Note, however, that you will need to add some code on the consuming
side of the message to "validate" the username and password, via
WSS4J callback, which you'll also need to configure through Spring.
Like XFire, the CXF WS-Security interceptor is based not only on the
WSS4J toolkit, but also on the WSS4J Handler architecture (which Axis
uses, as well). Not knowing much at all about XFire, I believe the
CXF configuration should be pretty strightforwardly mappable to CXF.
Shout if you need a sample CXF config.
-Fred
On Aug 27, 2007, at 3:44 PM, Kaleb Walton wrote:
There is an example at that URL
as well but it is for XFire and I'm not sure how those concepts
translate
over to CXF; additionally the example they use points out its own
inefficiency suggesting it should use a custom handler to read the
contents
of the SOAP message via StAX.
