That is exactly mi question, if I want to use authentication I must add
annotations, users, password and roles in serverconfig.xml, but I don`t
know how to include filters y mi server class.
In rs security sample I have in web.xml:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
and in beans.xml
<security:global-method-security secured-annotations="enabled">
<security:protect-pointcut
expression="execution(*
demo.jaxrs.service.CustomerService.getCustomer(*))"
access="ROLE_CUSTOMER, ROLE_ADMIN"/>
<security:protect-pointcut
expression="execution(*
demo.jaxrs.service.CustomerService.addCustomer(*))"
access="ROLE_ADMIN"/>
<security:protect-pointcut
expression="execution(*
demo.jaxrs.service.CustomerService.updateCustomer(Long,demo.jaxrs.service.Customer))"
access="ROLE_ADMIN"/>
<security:protect-pointcut
expression="execution(*
demo.jaxrs.service.CustomerService.deleteCustomer(*))"
access="ROLE_ADMIN"/>
<security:protect-pointcut
expression="execution(*
demo.jaxrs.service.CustomerService.getOrder(*))"
access="ROLE_CUSTOMER, ROLE_ADMIN"/>
</security:global-method-security>
<security:http auto-config='true'>
<security:http-basic />
</security:http>
The problem is with the first one, where can I put filter information in
the server class of the https example:
public class Server {
static {
// set the configuration file
SpringBusFactory factory = new SpringBusFactory();
Bus bus = factory.createBus("ServerConfig.xml");
BusFactory.setDefaultBus(bus);
}
protected Server() throws Exception {
JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean();
sf.setResourceClasses(CustomerServiceImpl.class);
sf.setResourceProvider(CustomerServiceImpl.class,
new SingletonResourceProvider(new CustomerServiceImpl()));
sf.setAddress("https://localhost:9000/";);
sf.create();
}
public static void main(String args[]) throws Exception {
new Server();
System.out.println("Server ready...");
Thread.sleep(5 * 60 * 1000);
System.out.println("Server exiting");
System.exit(0);
}
}
thanks for your quick answer.
Juanjo
2012/8/17 Glen Mazza <[email protected]>
> The JAX-RS HTTPS sample doesn't use a WAR:
> http://svn.apache.org/viewvc/**cxf/trunk/distribution/src/**
> main/release/samples/jax_rs/**basic_https/<http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/>
>
> HTH,
> Glen
>
>
> On 08/17/2012 03:45 PM, Juan José Pérez Consuegra wrote:
>
>> Hello,
>>
>> I'm studing the examples given with cxf, exactly security an https. In my
>> proyect I need a standalone server publishing the server with no war
>> package. The https example seems to be like this, but security one uses a
>> war package. Mi question is how to mix both.
>>
>> I understand that I can use https proyect using de security annotations,
>> but I have the next dubt, how I can stablish the filter and filter-map of
>> the web.xml as the one used in the security example?
>>
>>
>> <filter>
>> <filter-name>**springSecurityFilterChain</**filter-name>
>>
>> <filter-class>org.**springframework.web.filter.**
>> DelegatingFilterProxy</filter-**class>
>> </filter>
>>
>> <filter-mapping>
>> <filter-name>**springSecurityFilterChain</**filter-name>
>> <url-pattern>/*</url-pattern>
>> </filter-mapping>
>>
>> Does anyone know about a complete example to guide me????
>>
>> thanks a lot
>>
>>
>
