Hope you're having some progress with this effort.
After reading through the Spring Security docs, I think you need to have a custom Spring Security authorization manager/provider
created which would implement one of the interfaces expected by SprongSecurity and also utilize a CXF-provided WS-Security
UsernameToken handler (I'm presumimg it exists)...
What do you think ?
It would also be interesting to say, have a combined JAXWS/JAXRS service, which would use WS-Security on the SOAP side and
XMLSecurity on the JAXRS side - I might fancy looking at such a demo/test at some time later on
Cheers, Sergey
I've successfully implemented Spring Security in my CXF project, but I really
need to get it hooked in with WS-Security to allow client applications to
authenticate. (Spring Security is using HTTP form authentication right now,
which is fine in a web browser, but I need this to work for service
requests.)
I'm wanting to use UsernameToken authentication, with WS-Security passing
the authentication information on to Spring Security. I've done a lot of
searching and it sounds easy enough when using the Spring Web Services
framework, but I don't know how it can be done in CXF.
I already have a simple WS-Security service and client working, I just don't
know how to integrate that with Spring Security.
Has anyone attempted this before? Could someone give me a few pointers? :)
Thank you,
- Dave
--
View this message in context:
http://www.nabble.com/Attempting-WS-Security-with-Spring-Security-tp20863276p20863276.html
Sent from the cxf-user mailing list archive at Nabble.com.
