Am Freitag, den 14.09.2007, 08:16 -0700 schrieb Zarar Siddiqi:
> UsernamePasswordAuthenticationToken token = new
> UsernamePasswordAuthenticationToken(
> user.getUsername(), user.getPassword(), user.getAuthorities());
> // Populate Acegi Security Context
> SecurityContextHolder.getContext().setAuthentication(token);
>
> > I found some blogs on the CXF+ACEGI, but it is Java centric. On the client
> > side
> > we need to set the which class handles the security on the Server side!
> > But if
> > I am using some other language for clients like C# it doesn't seem to be
> > the proper way!
>
> You can pass the class name which handles security to the server (crazy
> thought I think!)
Yes...that does seem strange. I wonder if passing a role instead of a
specific class would be better, and have the business logic of what to
do with that role remain at the server.
Glen
> using a header element and then parse it using CXF
> interceptors.
>
> Zarar
>
