THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Wiki Markup |
---|
{span:style=font-size:2em;font-weight:bold} Securing CXF Services {span} {toc} h1. Secure transports h2. HTTPS Please see the [Configuring SSL Support|http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html] page for more information. h1. WS-* Security Please see the [WS-* Support|http://cxf.apache.org/docs/ws-support.html] page for more information. h1. Authentication Container or Spring Security managed authentication as well as the custom authentication are all the viable options used by CXF developers. Starting from CXF 2.3.2 and 2.4.0 it is possible to use an org.apache.cxf.interceptor.security.JAASLoginInterceptor in order to authenticate a current user and populate a CXF SecurityContext. h1. Authorization Container or Spring Security managed authorization as well as the custom authorization are all the viable options used by CXF developers. CXF 2.3.2 and 2.4.0 introduce org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor and org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor interceptors which can help with enforcing the authorization rules. |