On Jun 20, 2008, at 11:23 AM, John-M Baker wrote:
Hi,
What was the solution to this problem? Only apply it to the REST
service?
Will a future release of CXF fix it for SOAP?
Well, JAX-WS has it's own security stuff. Thus, for jax-ws/soap,
you would need the WebServiceContext injected which has the principal/
role on it.
Dan
John Baker
--
Web SSO
IT Infrastructure
Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com
Daniel Kulp <[EMAIL PROTECTED]>
18/06/2008 14:43
Please respond to
[email protected]
To
[email protected]
cc
Subject
Re: Roles and permissions
On Jun 18, 2008, at 9:38 AM, Sergey Beryozkin wrote:
Hi,
If so then I'd assuem it's something which needs to be fixed in a
jaxws asm processor, as this method
Response getApplicationConfiguration(@PathParam("id") String id,
@Context SecurityContext sc);
is unlikely to be part of whatever interface the JAX-WS endpoint
supports ?
Dan, what do you reckon ? Is it possible to push the methods to be
invoked over SOAP to a seperate interface so that the other methods
are not introspected on the implementation class itself ?
Yes. The endpointInterface attribute on the WebService annotation
would give us the interface that we would use.
Alternatively, just add:
@WebMethod(exclude = true)
to the methods you don't want JAX-WS to look at.
Dan
John, you can also try annotating a field instead
@Context
private SecurityContext sc;
Note it's not thread-safe but it will be fixed shorly
Cheers, Sergey
Yes, I do.
<!-- Define the REST service -->
<jaxrs:server id="cxf.server.rest.ApplicationConfigurationService"
address="/rest">
<jaxrs:serviceBeans>
<ref bean="service.beans.applicationConfiguration" />
</jaxrs:serviceBeans>
</jaxrs:server>
<!-- Define the application configuration webservice -->
<jaxws:endpoint id="cxf.server.soap.ApplicationConfigurationService"
implementor="#service.beans.applicationConfiguration"
address="/soap/applicationConfiguration" />
John Baker
--
Web SSO
IT Infrastructure
Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
Ireland
---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog
---
This e-mail may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this e-mail
in error) please notify the sender immediately and delete this e-
mail. Any unauthorized copying, disclosure or distribution of the
material in this e-mail is strictly forbidden.
Please refer to http://www.db.com/en/content/eu_disclosures.htm for
additional EU corporate and regulatory disclosures.
---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog