At the end i was able to set this up thanks to your advices and some google.
I used JAAS and CXF JAASAuthenticationFilter. To not overcomplicate things i've used BASIC authentication using property file to store credentials in plain text. The only point here is to be aware of Base64 encode the username:password and sent it on the authorization header. Then AuthorizationPolicy is correctly instantiated and NamePasswordCallbackHandler is called. The other point was to link all this with Jetty server ... it took me a while, but at the end was very easy since the only i have to do is set a system property "java.security.auth.login.config" pointing to my jaas login config file where i declared the login modules i need. -- View this message in context: http://cxf.547215.n5.nabble.com/RE-CXF-JAAS-tp5738439p5738526.html Sent from the cxf-user mailing list archive at Nabble.com.
