Hi ,
I have implemented Spring-security for CXF restful web services using JAX-RS APIs.I have extended AuthenticationProcessingFilterEntryPoint in my customized filter class and configured it in the following way : <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:beans="http://www.springframework.org/schema/beans"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd";> <http auto-config="false" entry-point-ref="secureAuthenticationFilter"> <intercept-url pattern="/placeOrder" access="ROLE_User" /> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> </http> <authentication-provider user-service-ref="authenticationProvider"> </authentication-provider> <!-- This class is dao class which will be used to load data from db using hibernate--> <beans:bean id="authenticationProvider" class="com.fetch.fetchfirst.service.myCustomProvider"> <beans:property name="sessionFactory" ref="sessionFactory" /> </beans:bean> <beans:bean id="secureAuthenticationFilter" class="com.fetch.fetchfirst.webservice.filter.WebServiceAuthenticationFilter"> <beans:property name="loginFormUrl" value="/placeOrder" /> <beans:property name="authenticationProvider" ref="authenticationProvider" /> </beans:bean> </beans:beans> This authentication filter extends AuthenticationProcessingFilterEntryPoint and override commence methods. public void commence(ServletRequest request, ServletResponse response, final AuthenticationException authException) throws IOException, ServletException { public void commence(ServletRequest request, ServletResponse response, final AuthenticationException authException) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; // You can manipulate data from request and response. And authenticate your user and send response to the client by PrintWriter RequestDispatcher dispatcher = httpRequest.getRequestDispatcher("/placeOrder"); dispatcher.forward(request, response); } } This is all what I have done. Regards, Ragini On 12/3/08, Sergey Beryozkin <[EMAIL PROTECTED]> wrote: > > I'm planning to start working on a Spring Security based demo shortly - > hopefully we'll be able to see what bugs if any need to be sorted out in CXF > JAXRS - but I'd also really like to hear about any practical experiences out > there. > > If someone who has already implemented a successful Spring Security project > then sharing some hints or configuration would be appreciated > > Cheers, Sergey > > >> Hi, >> >> Did you get it working, can we share your notes please . >> >> --Irshad. >> >> Rest FulService wrote: >> >>> >>> Hi all, >>> >>> I am working with CXF 2.1.2 JAX-RS with Spring security and falling in >>> to >>> trap of jar conflicts. >>> Can anybody tell me CXF 2.1.1 support which version of spring 2.5.4 or >>> 2.0.8? >>> Or somebody ever implement Restful Webservice security with Jax-Rs and >>> spring. >>> >>> Your valuable input requires on urgent basis. >>> Thanks in advance >>> >>> Regards, >>> RWS >>> >>> >>> >> -- >> View this message in context: >> http://www.nabble.com/-Jax-Rs-security-with-spring-tp20262135p20792656.html >> Sent from the cxf-user mailing list archive at Nabble.com. >> >> >> > >
