Hello, we have a project in Apache Camel, deployed to Karaf. There we have a CXF-RS interface exposed in Camel routes. To limit and "secure" access to the REST interface, we have used SSL client cert authentication (http://blog.nanthrax.net/2012/12/how-to-enable-https-certificate-client-auth-with-karaf/). So, only trusted clients with valid certificate are allowed to use the REST interface.
Now we have a complication, for some cases we need to use different kind of authentication and "bypass" the SSL client auth cert. I have found that for example Basic HTTP auth is possible to configure with JAAS. My question is, it is possible to configure also this builtin Karaf/pax-web SSL client auth cert with JAAS? Or I have to write custom LoginModule for CXF and handle all the SSL heavy lifting there and get away from the Karaf builtin feature? Thanks guys! -- S pozdravem / Best regards Martin Stiborský Jabber: [email protected] Twitter: http://www.twitter.com/stibi
