Rest and SOAP WS are not the same thing. I use Shiro to secure REST WS as well, but this is not the original question.
I too am looking for a solution to secure SOAP web services with Shiro but have yet to find one. On Jun 9, 2012, at 8:02 AM, Paulo Pires <[email protected]> wrote: > I use Shiro to replace WS-Security. > > Simply, I create my REST WS and put annotations like > @RequiresAuthentication or @RequiresRole (don't forget to check on using > aspects for annotation support) and then define in shiro.ini the paths > and respective filters, like: > > [urls] > /rest/auth = ssl, rest > /rest/admin = ssl, rest > > And that's it so far. /rest/auth authenticates and returns a cookie than > it's sent on every other request. if you don't set it, for instance, > when reaching /rest/admin which @RequiresAuthentication, you'll receive > an 500 error. I'd like to have 401 or 403 but I'm not sure how to do it, > yet. > > Cheers, > PP > > On 09/06/12 09:22, ipas wrote: >> Hi, How to use shiro to secure JAX-WS services? Is there any way to >> integrate shiro with WS-Security or use instead of it? >> >> Thank you. >> >> -- >> View this message in context: >> http://shiro-user.582556.n2.nabble.com/JAX-WS-services-and-shiro-tp7577486.html >> Sent from the Shiro User mailing list archive at Nabble.com. > > -- > Paulo Pires >
