You want the client to tell the server how to do security? That sounds crazy :)
Your client side should either be doing http based security or ws-security. That doesn't have anything to do with Acegi at that point. On 9/14/07, Zarar Siddiqi <[EMAIL PROTECTED]> wrote: > > I'm trying to understand what you're saying but am having difficulty. But > here goes: > > > Can some one point me to some docs on the CXF and ACEGI integration > > or CXF and security like authentication and authorization. > > I use Acegi for authorization purposes only. IMHO it doesn't really make > sense for authentication (WS-Security can do that). So I use the > MethodSecurityInterceptor and BeanNameAutoProxyCreator to manage calls to my > service level methods. The Acegi docs can help you there, the only > difference I think is that you have to set the authentication token > yourself, e.g.: > > UsernamePasswordAuthenticationToken token = new > UsernamePasswordAuthenticationToken( > user.getUsername(), user.getPassword(), user.getAuthorities()); > // Populate Acegi Security Context > SecurityContextHolder.getContext().setAuthentication(token); > > > I found some blogs on the CXF+ACEGI, but it is Java centric. On the client > > side > > we need to set the which class handles the security on the Server side! > > But if > > I am using some other language for clients like C# it doesn't seem to be > > the proper way! > > You can pass the class name which handles security to the server (crazy > thought I think!) using a header element and then parse it using CXF > interceptors. > > Zarar > > > > > mattmadhavan wrote: > > > > Any Help will be appreciated! > > > > > > > > mattmadhavan wrote: > >> > >> Hello, > >> Can some one point me to some docs on the CXF and ACEGI integration or > >> CXF and security like authentication and authorization. Some sample app > >> will even be great. > >> > >> I found some blogs on the CXF+ACEGI, but it is Java centric. On the > >> client side we need to set the which class handles the security on the > >> Server side! But if I am using some other language for clients like C# it > >> does n't seem to be the proper way! > >> > >> Any ideas will be greatly appreciated. > >> > >> Thanks > >> Matt > >> > > > > > > -- > View this message in context: > http://www.nabble.com/CXF%2BACEGI-tf4436973.html#a12677582 > Sent from the cxf-user mailing list archive at Nabble.com. > >
