Hello,
Using CXF 2.1.1/tomcat 6 to expose Web services. I need to
1) authenticate web service calls and
2) authorize the call (i.e, ensure that caller has rights to execute the call).
I am trying to find out if there is a CXF recommended solution to accomplish
the authorization part of the problem. My first reaction is to authenticate the
call and then if that test passes, test whether user is authorized to execute
the call- all this happening within the WSS4JInInterceptor's password callback
class. Is there an another way to do this? FYI, I need the username and the
name of the method that call called in order to authorize the call.
Thanks for your time.
