Actually, you probably need this link :
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_security/WEB-INF/
cheers, Sergey
----- Original Message -----
From: "Sergey Beryozkin" <[email protected]>
To: <[email protected]>
Sent: Monday, February 15, 2010 10:01 AM
Subject: Re: Is it possible to integrate CXF JAX-RS with Spring Security 2.0.5 ?
Hi
please see
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookInterface.java
(interface)
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStore.java
(impl)
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBook.java
(secure subresource)
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java
(test)
and
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_security_no_annotations/WEB-INF/
hope it helps, Sergey
----- Original Message -----
From: "johnrock" <[email protected]>
To: <[email protected]>
Sent: Sunday, February 14, 2010 9:57 PM
Subject: Is it possible to integrate CXF JAX-RS with Spring Security 2.0.5 ?
I am trying to figure out if it is possible to integrate Spring Security
2.0.5 with cxf jax-rs.
I have a website running spring security FORM-based authentication and have
implemented cxf to run some jax-rs webservices. I would like the cxf URIs
to be annotated with @Secured({"ROLE_USER"}) so that only authenticated
users can call the webservice URI. Then, I would like to be able to get the
username from the Authentication object that should exist in the
SecurityContext. If I can do that then I can be sure that the username
calling this webservice is indeed the user they say they are (at least in so
far as they have authenticated with a password)
I have not been able to figure out a way to do this. It seems that the
requests coming in to cxf never have a principal or authentication object
set. If I mark the webservice methods with @Secured({"ROLE_USER"}) all
requests are denied.
I do not know whether I am missing a Spring or CXF configuration setting,
not setting up the HttpClient that is making the request to the webservice
correctly, or whether this cannot be done at all.
I would greatly appreciate if someone can clarify my confusion on how to do
this.
Thank you.
--
View this message in context:
http://old.nabble.com/Is-it-possible-to-integrate-CXF-JAX-RS-with-Spring-Security-2.0.5---tp27587340p27587340.html
Sent from the cxf-user mailing list archive at Nabble.com.
