Hello,
We are working on a Project that relies on several web service calls. We have some credential information within web service calls, which are not within header & we are not using ws-i security, using just custom fields for username/password pairs. Currently we are using custom code to check for authentication/authorization and would like to use some security related Project, which would enable us to authorize based on roles and also we will be needing to integrate to several ldap servers & database in the future, thus current implementation is not adequate. Currently a web application is also present, which is using spring security. All spring security examples I have been able to reach are for mostly web applications, that deal with sessions and login pages. Thus, the question is, which framework to use (if using anything is possible and/or meaningful) for security ? I have seen JAAS based filters on cxf site. Regards, Alp
