Hi, AFAIK CXF Servlet defined in web.xml can be automatically authenticated with your security-constraint and login-config settings. You can try to get the user principal in your service implementation using @WebContext annotation:
@Resource WebServiceContext wsContext; ... Principal pr = wsContext.getUserPrincipal(); Regards, Andrei. > -----Original Message----- > From: michaelh [mailto:[email protected]] > Sent: Donnerstag, 3. April 2014 12:04 > To: [email protected] > Subject: utilizing tomcat authentication for webservices > > Hi, > i've deployed a CXF webservice (2.2.9) on tomcat. > we now want to add authentication. i've implemented the standard "login- > config" authentication in the web.xml and it works fine for standard http(s). > But i'm having trouble authenticating webservice requests. > > On the client side i'm adding the WS-* interceptors to provide > username/password etc. But i'm having trouble understanding how to go about > this on ther server side. Tomcat already has an authentication mechanism in > place how can i utilize this for the webservices? From the examples i've seen > the server side implements their own interceptors and callback handlers. > > any pointers would be appreciated. > > thanks, > Michael > > > > > -- > View this message in context: http://cxf.547215.n5.nabble.com/utilizing- > tomcat-authentication-for-webservices-tp5742376.html > Sent from the cxf-user mailing list archive at Nabble.com.
