[
https://issues.apache.org/jira/browse/CXF-2873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12885149#action_12885149
]
Tomasz Oponowicz commented on CXF-2873:
---------------------------------------
First of all it's obvious (for me) that endpoints should be well secured
because of sensitive information.
Unfortunately I've made mistake in the title of this task.
I think about "Add authentication support (*temporary implementation using*
-via- HTTP basic authentication)".
First I will create basic solution to have grounds for enhanced it (ex. with
"digest access authentication" or "WSSE UsernameToken" or HTTPS).
I also agree that "HTTP basic" isn't secure method.
Sergey mentioned about very important thing:
bq. If we use the basic auth then HTTPS will have to be set up which may be a
bit of a headache if people just would like to view logs
Easy configuration is crucial. We should keep this in mind.
At the moment I don't know what is the best solution for us. I must about think
this for a while.
Thanks for your help.
> Add authentication support (via HTTP basic authentication)
> ----------------------------------------------------------
>
> Key: CXF-2873
> URL: https://issues.apache.org/jira/browse/CXF-2873
> Project: CXF
> Issue Type: Sub-task
> Reporter: Tomasz Oponowicz
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
