RE: [Axis2] Restful web service and spring security

[Caristi, Joe]

Here is how it works for us:

We have Axis2 embedded in our web application (http://wso2.org/library/90).  We 
also have a Spring security filter defined in the web.xml file of the same web 
application.  With the proper Spring configuration to back it up, this handles 
authentication.

<filter>
            <filter-name>securityFilter</filter-name>
            
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
      </filter>
      <filter-mapping>
            <filter-name>securityFilter</filter-name>
            <url-pattern>/*</url-pattern>
      </filter-mapping>

Once the users are authenticated by Spring, authorization is accomplished by 
setting up Spring ACL security in our Spring configuration and our code. This 
can be quite complicated, depending on what you need to do. We manually filter 
collections of objects based on ACLs using a Spring 
AclEntryAfterInvocationCollectionFilteringProvider.

________________________________
From: Amarnath Mukherjee [mailto:amarnath.mukher...@tcs.com]
Sent: Monday, January 30, 2012 10:12 AM
To: java-user@axis.apache.org
Subject: [Axis2] Restful web service and spring security

Hi,

I have a requirement to use spring security for authentication and 
authorization of a request for a restful web service service developed with 
AXIS2.
I have no clue about how to do that.
It would be a great help if you can give any pointer on this.
Thanks in advance,
Amarnath

=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you
--------------------------------------------------------------------- To 
unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org For additional 
commands, e-mail: java-user-h...@axis.apache.org

________________________________
STATEMENT OF CONFIDENTIALITY:



The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain confidential or privileged information. If you are not the intended
recipient, please notify WHI Solutions immediately at g...@whisolutions.com,
and destroy all copies of this message and any attachments.