On Mon February 1 2010 3:25:23 pm johnpfeifer4 wrote: > Dan, > > We have to get this done ASAP so we're willing to do the development (and > contribute). Can you tell me if this code is in the latest release > version?
Yep. It's in 2.2.6. From any interceptor, you can call: SecurityContext sc = message.get(SecurityContext.class); sc.getPrincipal(); Which SHOULD have the username set on it providing the JMS provider has been setup to provide that information. Dan > > Thanks, > > John > > dkulp wrote: > > Christian recently did some updates to the JMS transport to pull the > > JMSXUserID from the JMS Message and stick that into our SecurityContext. > > You > > would probably need an interceptor that would then take that and feed > > that into the Spring security context. If you do develop some > > interceptors for > > this, we'd love to have them. :-) > > > > Dan > > > > On Mon February 1 2010 1:51:44 pm johnpfeifer4 wrote: > >> I was wondering if anyone has an example of implement spring security > >> with > >> a CXF JMS Endpoint. We currently secure all of our endpoints with the > >> <security:http> element, limiting access to certain endpoints to a > >> particular role(s). > >> > >> Now we have a requirement to enforce security for JMS endpoints. It > >> seems > >> that the listener that picks it off the JMS queue would have to know > >> where > >> to find the credentials on the message. Perhaps we need to write our > >> own > >> interceptors to do this? > >> > >> I figured I would post here before I start my own investigation. Any > >> help > >> would be greatly appreciated. > >> > >> Thanks, > >> > >> John > -- Daniel Kulp [email protected] http://www.dankulp.com/blog
