Hello Sergey, First of all what you have suggested I have done as you can see above. But this incorporation of an interceptor has no effect and no one requires a login if I do a request to the address in my browser. My question about JAAS was intended to get a feedback from you if I have grasp JAAS correctly. In Karaf the JAAS login mechanism looks into <karaf_home>/etc/users.properties, isn't it? I don't know what you mean when you are talking about anonymous users and I cannot find any property /allowAnonymous/. I just want to know if one entry as stated above in users.propties is enough for an authorization? However this is not the point at the moment because no one is asking for any authorization - what a shame.
Do I have to create any web app context file for any other authentication stuff beyond /blueprint.xml/ and /users.properties/? Do I have to configure <karaf_home>/etc/org.apache.karaf.jaas.cfg ??? Kind regards, Hilderich -- View this message in context: http://camel.465427.n5.nabble.com/Adding-jaas-authentication-to-a-cxf-endpoint-in-karaf-tp5758340p5758462.html Sent from the Camel - Users mailing list archive at Nabble.com.