Hey all, I'm creating a demo for a conference [1] in February. I'm trying to setup servicemix as a multi-tenant cluster that routes requests incoming on a cxf bc to several cxf es endpoints based on user credentials. The different backend endpoints will be configured to connect to different datasources and therefor different customers can never get access to other customers data because of an error in business logic. I want to secure the endpoints using NMR Authorization entries as decribed here: http://servicemix.apache.org/SMX4NMR/5-security.html
Now my question is: How would you recommend I implement security on the cxf bc endpoint, so that user credentials are automatically checked and the matching roles set on the exchange (WS-Security, JAAS interceptor ??) so that the NMR can handle backend endpoint access. Hope to hear from you all. Greets, Geert. [1] Engineering World 2011 by Sogeti. http://www.sogeti.nl/evenementen/2011/engineeringworld-2011 (Dutch)
