Re: CXF and Acegisecurity

Tue, 01 Jul 2008 04:20:53 -0700 

Sergey,

If using WS-Security with CXF, is it possible to annotate methods that we 
want secured?  I.e.

  <!-- Define the application configuration webservice that uses 
WS-Security -->
  <jaxws:endpoint id="cxf.server.soap.ApplicationConfigurationService" 
    implementor="#service.beans.applicationConfiguration" 
    address="/soap/applicationConfiguration"> 
    <jaxws:inInterceptors>
       <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
       <ref bean="cxf.server.wss4jInConfiguration"/>
    </jaxws:inInterceptors>
  </jaxws:endpoint> 

Secures all the methods exposed through the 
service.beans,applicatonConfiguration bean, but if I just want to secure 
method X, is it possible?

Creating two separate services seems a little verbose.


John Baker
-- 
Web SSO 
IT Infrastructure 
Deutsche Bank London

URL:  http://websso.cto.gt.intranet.db.com




"Sergey Beryozkin" <[EMAIL PROTECTED]> 
01/07/2008 10:14
Please respond to
[email protected]


To
<[email protected]>
cc
<[email protected]>
Subject
Re: CXF and Acegisecurity






Cool, thanks for a link. These links can get added to the wiki.
I hope that in your project, where you combine JAX-RS and JAX-WS in one 
resource class, the single piece of
Spring Security config should suffice, not sure though. let us know please 
how it goes

Cheers, Sergey

----- Original Message ----- 
From: "John-M Baker" <[EMAIL PROTECTED]>
To: <[email protected]>
Cc: <[email protected]>
Sent: Tuesday, July 01, 2008 10:09 AM
Subject: Re: CXF and Acegisecurity


> There's also a good example here:
>
> http://www.jroller.com/habuma/entry/method_level_security_in_spring
>
> I'm currently looking at what is required to wire Spring security into 
the
> WS-Security module!
>
>
> John Baker
> -- 
> Web SSO
> IT Infrastructure
> Deutsche Bank London
>
> URL:  http://websso.cto.gt.intranet.db.com
>
>
>
>
> "Sergey Beryozkin" <[EMAIL PROTECTED]>
> 01/07/2008 10:06
> Please respond to
> [email protected]
>
>
> To
> <[email protected]>
> cc
>
> Subject
> Re: CXF and Acegisecurity
>
>
>
>
>
>
> Hi
>
>
>> Are there any docs specifically on implementing CXF REST With
>> Acegisecurity? Google didnt return anything obvious..  A simple example
>> showing how to secure a couple methods would be handy.
>
> have a look here please :
>
> 
http://static.springframework.org/spring-security/site/reference/html/ns-config.html#ns-method-security

>
>
> It's a Spring Security module which you're after. It should be possible 
to
> use AOP-like expressions to specify what kind of security
> credentials need to be applied to various methods in your resource
> class...
>
> Cheers, Sergey
>
>
>>
>> Thanks,
>>
>>
>> John Baker
>> -- 
>> Web SSO
>> IT Infrastructure
>> Deutsche Bank London
>>
>> URL:  http://websso.cto.gt.intranet.db.com
>>
>>
>> ---
>>
>> This e-mail may contain confidential and/or privileged information. If
> you are not the intended recipient (or have received this
>> e-mail in error) please notify the sender immediately and delete this
> e-mail. Any unauthorized copying, disclosure or distribution
>> of the material in this e-mail is strictly forbidden.
>>
>> Please refer to http://www.db.com/en/content/eu_disclosures.htm for
> additional EU corporate and regulatory disclosures.
>
> ----------------------------
> IONA Technologies PLC (registered in Ireland)
> Registered Number: 171387
> Registered Address: The IONA Building, Shelbourne Road, Dublin 4, 
Ireland
>
>
>
> ---
>
> This e-mail may contain confidential and/or privileged information. If 
you are not the intended recipient (or have received this 
> e-mail in error) please notify the sender immediately and delete this 
e-mail. Any unauthorized copying, disclosure or distribution 
> of the material in this e-mail is strictly forbidden.
>
> Please refer to http://www.db.com/en/content/eu_disclosures.htm for 
additional EU corporate and regulatory disclosures. 

----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland



---

This e-mail may contain confidential and/or privileged information. If you are 
not the intended recipient (or have received this e-mail in error) please 
notify the sender immediately and delete this e-mail. Any unauthorized copying, 
disclosure or distribution of the material in this e-mail is strictly forbidden.

Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional 
EU corporate and regulatory disclosures.

Reply via email to