CXF - 2.7.8 - JAX-RS: OAuth2 X JAX-WS Protection

Fri, 14 Feb 2014 04:51:37 -0800 

Hi,
I have a couple of Webservice done and working properly using CXF 2.7.8 in the already known fashion: 


    <jaxws:endpoint xmlns:tns="http://blablabla.hello.com.br/";
        id="blablablawsservice" implementor="br.com.hello.BlaBlaBla"

        wsdlLocation="wsdl/blablablawsservice.wsdl" 
endpointName="tns:BlaBlaBlaPort"

        serviceName="tns:BlaBlaBlaServiceService" address="/BlaBlaBlaPort">
        <jaxws:features>
            <bean class="org.apache.cxf.feature.LoggingFeature" />
        </jaxws:features>
    </jaxws:endpoint>




Now, what i need is to protect these services/urls using JAX-RS: OAuth2 
and i have followed the instruction in CXF documentation: 
https://cxf.apache.org/docs/jax-rs-oauth2.html

Based on this documentation, i have now:

1 - An Authorization Service;
|

    <bean id="authorizationService" 
class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">

      <property name="dataProvider" ref="oauthProvider"/>
    </bean>|

|
|


2 - An Access Token Service;


    <bean id="oauthProvider" 
class="br.com.hello.utils.cxf.security.oauth.SocialRideDataProvider" />


    <bean id="accessTokenService"
class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
        <property name="dataProvider" ref="oauthProvider" />
    </bean>

    <bean id="accessTokenValidateService"
class="org.apache.cxf.rs.security.oauth2.services.AccessTokenValidatorService">
        <property name="dataProvider" ref="oauthProvider" />
    </bean>

    <jaxrs:server id="oauthServer" address="/oauth">
        <jaxrs:serviceBeans>
            <ref bean="accessTokenService" />
            <ref bean="accessTokenValidateService" />
        </jaxrs:serviceBeans>
    </jaxrs:server>


3 - A Request Filter

    <bean id="oauthFilter"
class="org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter">
        <property name="dataProvider" ref="oauthProvider" />
    </bean>


So my point is:

How do i protect my JAX-WS webservices using this JAX-RS: OAuth2 Request 
Filter? What is the glue between them?
For example: i have a url 
"http://localhost:8080/myProject/services/MyService?wsdl"; how do it make 
it under this Oauth Protection Structure??

Is that by interceptors, maybe?

Thank you.

Att,
Marcello Ribeirop



























					Reply via email to