The JAX-WS spec kind of covers this.
If you inject WebServiceContext, from the context, you can get the user
principal and call the isUserInRole call which would call back into the tomcat
auth modules. From that, you can act on it any way you please.
Dan
On Thu February 19 2009 5:58:12 pm Slava Imeshev wrote:
> Hi all,
>
> I have an interesting use case that I am not sure how to approach.
>
> Consider a service MyService on Tomcat, pseudocode:
>
> MyService {
> Set<Entry> getEntries();
> }
>
> For that service, if the requester did not authenticate, the
> getEntries would return a limited list of entries, only those allowed
> for "public" access. If the requestor did authenticate, the service
> returns an extended set. How can this be done with CXF?
>
> Regards,
>
> Slava Imeshev
--
Daniel Kulp
[email protected]
http://www.dankulp.com/blog
