Am Freitag, den 14.09.2007, 08:16 -0700 schrieb Zarar Siddiqi: > UsernamePasswordAuthenticationToken token = new > UsernamePasswordAuthenticationToken( > user.getUsername(), user.getPassword(), user.getAuthorities()); > // Populate Acegi Security Context > SecurityContextHolder.getContext().setAuthentication(token); > > > I found some blogs on the CXF+ACEGI, but it is Java centric. On the client > > side > > we need to set the which class handles the security on the Server side! > > But if > > I am using some other language for clients like C# it doesn't seem to be > > the proper way! > > You can pass the class name which handles security to the server (crazy > thought I think!)
Yes...that does seem strange. I wonder if passing a role instead of a specific class would be better, and have the business logic of what to do with that role remain at the server. Glen > using a header element and then parse it using CXF > interceptors. > > Zarar >