[CONF] Apache CXF Documentation > Security

[confluence]

Security Page edited by Sergey Beryozkin Changes (2) ... h1. Authentication Container or Spring Security managed authentication as well as the custom authentication are all the viable options used by CXF developers. Starting from CXF 2.3.2 and 2.4.0 it is possible to use an org.apache.cxf.interceptor.security.JAASLoginInterceptor in order to authenticate a current user and populate a CXF SecurityContext. h1. Authorization Container or Spring Security managed authorization as well as the custom authorization are all the viable options used by CXF developers. CXF 2.3.2 and 2.4.0 introduce org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor and org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor interceptors which can help with enforcing the authorization rules. Full Content Securing CXF Services Secure transports HTTPS WS-* Security Authentication Authorization Secure transports HTTPS Please see the Configuring SSL Support page for more information. WS-* Security Please see the WS-* Support page for more information. Authentication Container or Spring Security managed authentication as well as the custom authentication are all the viable options used by CXF developers. Starting from CXF 2.3.2 and 2.4.0 it is possible to use an org.apache.cxf.interceptor.security.JAASLoginInterceptor in order to authenticate a current user and populate a CXF SecurityContext. Authorization Container or Spring Security managed authorization as well as the custom authorization are all the viable options used by CXF developers. CXF 2.3.2 and 2.4.0 introduce org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor and org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor interceptors which can help with enforcing the authorization rules. Change Notification Preferences View Online | View Changes | Add Comment