How to Enable Spring Security for Apache-CXF JAX-WS

java spring spring-security cxf
11,097

Two potential ways:

  1. Put a BasicAuthenticationFilter or DigestAuthenticationFilter in front of your CXF Servlet.

  2. Use a WS-Security UsernamePasswordToken with CXF and write a CallbackHandler that a) creates a UsernamePasswordAuthenticationToken, b) calls authenticationManager.authenticate() and c) stores the authentication in the SecurityContextHolder.

Note that the above doesn't cover the concept of logout since login sessions are generally implemented with cookies and the above are stateless approaches. If you really need logout then you should consider using OAuth because you can implement logout by invalidating access tokens.

Share:
11,097
kamaci
Author by

kamaci

Updated on June 04, 2022

Comments

  • kamaci
    kamaci about 2 years

    How can I enable Spring Security for apache JAX-WS at Apache-CXF? Examples at web includes Jax-RS examples but I don't use Jax-RS. I don't want to use cxf's security. How can implement it at my code?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Spring security authrorize based on input parameter criteria
Could not autowire. No beans 'here name' type found
Integrating Spring Security with SiteMinder
Spring Security Oauth2: Flow to Handling Expired AccessToken
spring security get user id from DB
HTTP Status 403 - Expected CSRF token not found. Has your session expired?
How to enable CORS at Spring Security level in Spring boot
Spring Security get user info in rest service, for authenticated and not authenticated users
Apache CXF + Spring: Generating a Simple Client
Why j_spring_security_check 404?