And how is that done? Via a set method of some kind? John Baker -- Web SSO IT Infrastructure Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com Daniel Kulp <[EMAIL PROTECTED]> 20/06/2008 18:13 Please respond to [email protected] To [email protected] cc Subject Re: Roles and permissions On Jun 20, 2008, at 11:23 AM, John-M Baker wrote: > Hi, > > What was the solution to this problem? Only apply it to the REST > service? > Will a future release of CXF fix it for SOAP? > Well, JAX-WS has it's own security stuff. Thus, for jax-ws/soap, you would need the WebServiceContext injected which has the principal/ role on it. Dan > > John Baker > -- > Web SSO > IT Infrastructure > Deutsche Bank London > > URL: http://websso.cto.gt.intranet.db.com > > > > > Daniel Kulp <[EMAIL PROTECTED]> > 18/06/2008 14:43 > Please respond to > [email protected] > > > To > [email protected] > cc > > Subject > Re: Roles and permissions > > > > > > > > On Jun 18, 2008, at 9:38 AM, Sergey Beryozkin wrote: > >> Hi, >> >> If so then I'd assuem it's something which needs to be fixed in a >> jaxws asm processor, as this method >> >>>> Response getApplicationConfiguration(@PathParam("id") String id, >>>> @Context SecurityContext sc); >> >> is unlikely to be part of whatever interface the JAX-WS endpoint >> supports ? >> Dan, what do you reckon ? Is it possible to push the methods to be >> invoked over SOAP to a seperate interface so that the other methods >> are not introspected on the implementation class itself ? > > Yes. The endpointInterface attribute on the WebService annotation > would give us the interface that we would use. > > Alternatively, just add: > @WebMethod(exclude = true) > to the methods you don't want JAX-WS to look at. > > Dan > > > >> >> >> John, you can also try annotating a field instead >> >> @Context >> private SecurityContext sc; >> >> Note it's not thread-safe but it will be fixed shorly >> >> Cheers, Sergey >> >>> Yes, I do. >>> >>> <!-- Define the REST service --> >>> <jaxrs:server id="cxf.server.rest.ApplicationConfigurationService" >>> address="/rest"> >>> <jaxrs:serviceBeans> >>> <ref bean="service.beans.applicationConfiguration" /> >>> </jaxrs:serviceBeans> >>> </jaxrs:server> >>> >>> <!-- Define the application configuration webservice --> >>> <jaxws:endpoint id="cxf.server.soap.ApplicationConfigurationService" >>> implementor="#service.beans.applicationConfiguration" >>> address="/soap/applicationConfiguration" /> >>> >>> John Baker >>> -- >>> Web SSO >>> IT Infrastructure >>> Deutsche Bank London >>> >>> URL: http://websso.cto.gt.intranet.db.com >>> >>> >> >> ---------------------------- >> IONA Technologies PLC (registered in Ireland) >> Registered Number: 171387 >> Registered Address: The IONA Building, Shelbourne Road, Dublin 4, >> Ireland > > --- > Daniel Kulp > [EMAIL PROTECTED] > http://www.dankulp.com/blog > > > > > > > > --- > > This e-mail may contain confidential and/or privileged information. > If you are not the intended recipient (or have received this e-mail > in error) please notify the sender immediately and delete this e- > mail. Any unauthorized copying, disclosure or distribution of the > material in this e-mail is strictly forbidden. > > Please refer to http://www.db.com/en/content/eu_disclosures.htm for > additional EU corporate and regulatory disclosures. --- Daniel Kulp [EMAIL PROTECTED] http://www.dankulp.com/blog --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures.
