Re: Is it possible to integrate CXF JAX-RS with Spring Security 2.0.5 ?

[Sergey Beryozkin]

Hi Christian

I updated another test resource[1] to use @RolesAllowed, it is virtually identical to [2] but just causes Spring to create a cglib 
proxy. I had to update the spring config[3] for Spring to check JSR250 annotations (see security:global-method-security)

cheers, Sergey

[1] 
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
[2] 
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStore.java
[3] 
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_security_cglib/WEB-INF/beans.xml

----- Original Message ----- 
From: "Sergey Beryozkin" <sbery...@progress.com>
To: <users@cxf.apache.org>
Sent: Tuesday, February 16, 2010 9:48 AM
Subject: Re: Is it possible to integrate CXF JAX-RS with Spring Security 2.0.5 ?


Hi Christian

I'd rather keep this existing test resource showing how to use @Secured intact 
given that some users are probably using @Secured but
adding another similar test resource using @RolesAllowed will definitely make 
sense, I'll do it asap.

thanks, Sergey

----- Original Message ----- 
From: "Christian Schneider" <ch...@die-schneider.net>
To: <users@cxf.apache.org>
Sent: Tuesday, February 16, 2010 6:56 AM
Subject: Re: Is it possible to integrate CXF JAX-RS with Spring Security 2.0.5 ?


Hi Sergey,

I have a proposal for the example. To secure the methods @Secured is
used. The problem with the annotation is that it is spring proprietary.
I propose to use the @RolesAllowed annotain from jsr 250 common
annotations. It works in the same way as @Secured

The dependency is:

<dependency>
<groupId>javax.annotation</groupId>
<artifactId>jsr250-api</artifactId>
<version>1.0</version>
</dependency>

This allows to keep the code free of direct dependencies to spring.

Do you think it makes sense to change this?

Greetings

Christian


Am 15.02.2010 11:01, schrieb Sergey Beryozkin:
Hi

please see

http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookInterface.java

(interface)
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStore.java

(impl)
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBook.java

(secure subresource)
http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java

(test)