I've a question about Fediz. I'm currently using to protect a jetty
web application and wondering if it is possible to enable/disable
Fediz authentication dynamically?
For instance I've configured jetty to use a security handler
depicted in code below:
SecurityHandler aSecurityHandler = new ConstraintSecurityHandler();
aSecurityHandler.setRealmName(null);
LoginService aLoginService = new FederationLoginService("WSFED");
aSecurityHandler.setLoginService(aLoginService);
FederationAuthenticator aAuthenticator = new FederationAuthenticator();
aAuthenticator.setConfigFile(aJettyHome + File.separator + "contexts"
+ File.separator + "fediz_config.xml");
aSecurityHandler.setAuthenticator(aAuthenticator);
myWebApplicationContext.setSecurityHandler(aSecurityHandler);
myWebApplicationContext.addOverrideDescriptor(aJettyHome +
File.separator + "etc" + File.separator + "override-web.xml");
This I'd like to be able to bypass fediz authentication in some cases
and fall back to our application level authentication vs the webserver
authentication.
Is this at all possible?
Please advise
--
View this message in context:
http://cxf.547215.n5.nabble.com/Dynamic-Enable-Disable-tp5756690.html
Sent from the cxf-user mailing list archive at Nabble.com.
