On 17/09/13 13:53, Faz wrote:
Thanks for the reply, Sergey.
<entry key="addNumbers" value="ROLE_USER ROLE_ADMIN"/>
<entry key="divideNumbers" value="ROLE_ADMIN"/>
I see the above piece in the config file, I believe the key here
(add,divideNumbers) refers to the methods in the WS-impl class. If that's
the case, I would need this to be populated from the database along with the
roles since there are multiple methods in the impl class.
I mean i need something very generic and picked up from the database, if
there is a new method addition, I will just have to add it to the db and it
would be taken care without any xml intervention.
Please suggest. Thnx again!
Then it would need to be implemented manually, have your CXF interceptor
loading the data. You can probably extend SimpleAuthorizingInterceptor,
load all the method roles info there and override its
getRequiredRoles(String method name) method.
Have a look at SecureAnnotationsInterceptor interceptor which is in the
same package as SimpleAuthorizingInterceptor. It extends
SimpleAuthorizingInterceptor and initializes it by introspecting a given
secure object. In your case you will read the data from the database and
proceed from there
Sergey
--
View this message in context:
http://cxf.547215.n5.nabble.com/SOAP-Webservices-Authorization-with-Java-using-Apache-CXF-tp5734142p5734151.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
Blog: http://sberyozkin.blogspot.com
