« Return to Thread: CXF+ACEGI
Re: CXF+ACEGI
by dkulp
::
Rate this Message:
Interesting you should ask this..... I first heard about ACEGI last
week in a different conversation and have just started to look into it a
bit. I'd LOVE to have your input into this as to what you think is
needed or what you would consider good integration.
Here are my thoughts so far: (keep in mind, I had never heard of ACEGI
till last week so I could be completely off base)
1) If you deploy your app as a war using the spring webapp stuff and
setting up to use aop for your service, it should just work. The acegi
filter should grab the basic-auth stuff, setup the security context
stuff it needs, and when we call invoke on the service, the acegi stuff
should grant/deny it.
2) Longer term, we could write an interceptor that grabs the
AuthorizationPolicy object and HTTPS/WS-Sec stuff from our message and
fills in the acegi contexts with the details. That really wouldn't be
a huge amount of work to do.
Dan
On Thursday 13 September 2007, mattmadhavan wrote:
> Hello,
> Can some one point me to some docs on the CXF and ACEGI integration or
> CXF and security like authentication and authorization. Some sample
> app will even be great.
>
> I found some blogs on the CXF+ACEGI, but it is Java centric. On the
> client side we need to set the which class handles the security on the
> Server side! But if I am using some other language for clients like C#
> it does n't seem to be the proper way!
>
> Any ideas will be greatly appreciated.
>
> Thanks
> Matt
--
J. Daniel Kulp
Principal Engineer
IONA
P: 781-902-8727 C: 508-380-7194
daniel.kulp@...
http://www.dankulp.com/blog
« Return to Thread: CXF+ACEGI
| Free embeddable forum powered by Nabble | Forum Help |
