Hi
On 11/03/16 14:52, matteo wrote:
Thank you for your reply!
In the end I simply registered a ExceptionMapper<NotAuthorizedException> and
now I redirect the resource owner to our login page (implemented as a wab).
The problem I'm still facing is that when the login wab performs the
/authorize/ invocation again (this time with the expected basic
authentication header in place), the authorization invocation fails because
the securityContext.getUserPrincipal() returns null.
What is the right way in CXF to correctly populate the SecurityContext with
a sound user principal?
If you use the servlet security then the container will set up the
principal itself, otherwise you need to set a CXF filter, ex, JAX-RS 2.0
filter, which will parse the header and set up SecurityContext
Sergey
Many thanks again,
matte
-----
matteo
--
View this message in context:
http://cxf.547215.n5.nabble.com/How-to-manage-resource-owner-login-in-CXF-tp5766808p5766837.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
