Hi
On 01/02/12 03:59, gigi shea wrote:
Hello, there,
we have Spring Security (SS) to provide authentication and authorization
for our web services impl. by CXF jax-rs. It works fine but for the
exception part. When SS throws authentication/accessDenied exception, it
will never reach CXF's exception mappers. But we'd like the exceptions
handled uniformly.
I've been searching online for solutions but cannot find any good one. Can
someone please share some hints? really appreciate it
In this demo
http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/jax_rs/spring_security/
we use an exception mapper:
http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/jax_rs/spring_security/src/main/java/demo/jaxrs/service/SecurityExceptionMapper.java
to convert the exception to 403.
I suspect in your case Spring security is enforced before the CXF chain
is initiated, if yes, then you'd need to convert the exceptions to
proper statuses at the servlet filter level
Cheers, Sergey
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
Blog: http://sberyozkin.blogspot.com
