Interesting you should ask this..... I first heard about ACEGI last week in a different conversation and have just started to look into it a bit. I'd LOVE to have your input into this as to what you think is needed or what you would consider good integration.
Here are my thoughts so far: (keep in mind, I had never heard of ACEGI till last week so I could be completely off base) 1) If you deploy your app as a war using the spring webapp stuff and setting up to use aop for your service, it should just work. The acegi filter should grab the basic-auth stuff, setup the security context stuff it needs, and when we call invoke on the service, the acegi stuff should grant/deny it. 2) Longer term, we could write an interceptor that grabs the AuthorizationPolicy object and HTTPS/WS-Sec stuff from our message and fills in the acegi contexts with the details. That really wouldn't be a huge amount of work to do. Dan On Thursday 13 September 2007, mattmadhavan wrote: > Hello, > Can some one point me to some docs on the CXF and ACEGI integration or > CXF and security like authentication and authorization. Some sample > app will even be great. > > I found some blogs on the CXF+ACEGI, but it is Java centric. On the > client side we need to set the which class handles the security on the > Server side! But if I am using some other language for clients like C# > it does n't seem to be the proper way! > > Any ideas will be greatly appreciated. > > Thanks > Matt -- J. Daniel Kulp Principal Engineer IONA P: 781-902-8727 C: 508-380-7194 [EMAIL PROTECTED] http://www.dankulp.com/blog
