Re: integration with Spring Security

Wed, 01 Feb 2012 18:17:41 -0800

I guess you just use the SS to protect the URI. It could be easy to add another filter on the SS side to map the exception. 

On Wed Feb  1 22:54:39 2012, gigi shea wrote:

Hi, Sergey,

thank you so much for the reply. You are right, SS is added as a chain of
filters to accomplish authentication and authorization before the
invocation of CXF. we don't use it for service method level authorization.
So it does not sound likely that I can use any exception mapper to get SS
exceptions rendered the same way as CXF exceptions then. I do manually set
the statuses of response when SS exceptions are seen. Just want to display
them in a better format



On Wed, Feb 1, 2012 at 7:17 AM, Sergey Beryozkin<[email protected]>wrote:


Hi

On 01/02/12 03:59, gigi shea wrote:


Hello, there,

we have Spring Security (SS) to provide authentication and authorization
for our web services impl. by CXF jax-rs. It works fine but for the
exception part. When SS throws authentication/accessDenied exception, it
will never reach CXF's exception mappers. But we'd like the exceptions
handled uniformly.

I've been searching online for solutions but cannot find any good one. Can
someone please share some hints? really appreciate it

  In this demo

http://svn.apache.org/repos/**asf/cxf/trunk/distribution/**
src/main/release/samples/jax_**rs/spring_security/<http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/jax_rs/spring_security/>

we use an exception mapper:

http://svn.apache.org/repos/**asf/cxf/trunk/distribution/**
src/main/release/samples/jax_**rs/spring_security/src/main/**
java/demo/jaxrs/service/**SecurityExceptionMapper.java<http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/jax_rs/spring_security/src/main/java/demo/jaxrs/service/SecurityExceptionMapper.java>

to convert the exception to 403.

I suspect in your case Spring security is enforced before the CXF chain is
initiated, if yes, then you'd need to convert the exceptions to proper
statuses at the servlet filter level

Cheers, Sergey

--
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/

Blog: http://sberyozkin.blogspot.com







--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog:    http://willemjiang.blogspot.com (English)
        http://jnn.javaeye.com (Chinese)
Twitter: willemjiang Weibo: willemjiang

Reply via email to