Thanks Dan

I started experimenting with this last week using an interceptor. So far it's working out well.

Thanks for the feedback

Suneet

Daniel Kulp wrote:
On Monday 26 April 2010 11:20:59 am Suneet Shah wrote:
Hello:

I need to be able to control access to service operations based on a
person's role. I have an access control framework that I need to
integrate with. Any thoughts on how I can integrate this into CXF?
Could I define a custom interceptor for this? And would it be possible
to layer this with WS-Security? I.e.
- Use WS-Security to validate a saml token to see if a user has been
authenticated
- Next determine the user role and if they have access to a particular
service or operation?


An interceptor could be perfect for this. You can get the authenticated user Principal object from the WS-Security layer or even from the HTTP layer (if using something like basic auth) from the message properties. From there, you could do some sort of authorization based on your framework and either proceed or throw an exception.

Dan


Any guidance would be greatly appreciated.

Thanks
Suneet
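
The approach Dan describes, as an added example (not code from this thread or from the CXF project): an in-interceptor that reads the authenticated Principal from the message and asks an external framework whether the operation may proceed. `OperationAuthorizationInterceptor` and `AccessPolicy` are hypothetical names; it assumes the WS-Security in-interceptor (or the HTTP transport) has already placed a `SecurityContext` on the message.

```java
import java.security.Principal;
import javax.xml.namespace.QName;

import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.service.model.BindingOperationInfo;

public class OperationAuthorizationInterceptor extends AbstractPhaseInterceptor<Message> {

    /** Hypothetical adapter around the existing access control framework. */
    public interface AccessPolicy {
        boolean isAllowed(Principal user, QName operation);
    }

    private final AccessPolicy policy;

    public OperationAuthorizationInterceptor(AccessPolicy policy) {
        // PRE_INVOKE runs after security processing and operation dispatch,
        // but before the service method is called.
        super(Phase.PRE_INVOKE);
        this.policy = policy;
    }

    @Override
    public void handleMessage(Message message) throws Fault {
        // Set by the authentication layer; absent means nobody authenticated.
        SecurityContext sc = message.get(SecurityContext.class);
        Principal user = (sc == null) ? null : sc.getUserPrincipal();
        if (user == null) {
            throw new Fault(new SecurityException("Request is not authenticated"));
        }

        // The operation the request was dispatched to.
        BindingOperationInfo op = message.getExchange().get(BindingOperationInfo.class);
        if (op == null) {
            // Default deny: without a resolved operation there is nothing to authorize.
            throw new Fault(new SecurityException("Operation could not be determined"));
        }

        // Proceed only on an explicit allow; the fault text stays generic so it
        // does not reveal user names or policy details to the caller.
        if (!policy.isAllowed(user, op.getName())) {
            throw new Fault(new SecurityException("Access denied"));
        }
    }
}
```

Register it on the endpoint's in-interceptor chain alongside the WS-Security interceptor; throwing the `Fault` aborts the chain so the service method is never invoked.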
