On 13/09/13 17:25, Sergey Beryozkin wrote:
Hi
On 13/09/13 12:02, inteloid wrote:
These examples are specific for Spring Security I assume? If so, what
if I
use CXF Standard OAuth2 authorization?
Using RolesAllowed or @Secured is orthogonal to the use of OAuth2 access
tokens.
I should've said it is complementary to the use of access tokens.
Sergey
When a client accesses a server resource with its access token, OAuth2
filter will retrieve a registered Client - this entity can have
UserSubject initialized.
If UserSubject is there then the OAuth2 filter will use it to populate a
current SecurityContext that can be used with for example CXF
SimpleAuthorizingInterceptor to enforce RBAC.
Cheers, Sergey
--
View this message in context:
http://cxf.547215.n5.nabble.com/Secured-RolesAllowed-integration-tp5730361p5733980.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
Blog: http://sberyozkin.blogspot.com
