Configure JAAS in embedded Jetty with CXF and Spring
Question
I am trying to setup a CXF + Spring + embedded jetty with basic authentication relying on JAAS and i am having problems to connect all pieces.
I want to use the CXF JAASLoginInterceptor that looks very easy to configure so my service definition in the ApplicationContext would look like
<jaxws:endpoint address="/soapService">
<jaxrs:serviceBeans>
<ref bean="serviceImpl" />
</jaxrs:serviceBeans>
<jaxws:inInterceptors>
<ref bean="authenticationInterceptor"/>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
<property name="contextName" value="jaasContext"/>
<property name="roleClassifier" value="ROLE_"/>
</bean>
As the doc states: "The JAAS authenticator is configured with the name of the JAAS login context (the one usually specified in the JAAS configuration resource which the server is aware of)"
How can i setup that "JAAS configuration resource" in the most basic way?
Thanks!
1 answers
solution1
1 ACCPTED 2014-01-17 08:43:21
At the end it is very easy to do it. The only thing you need is place a file with login modules configuration on the classpath and set the system property "java.security.auth.login.config" pointing to that file.
eg a file to enable a property file based authentication:
jaasContext {
org.eclipse.jetty.plus.jaas.spi.PropertyFileLoginModule optional file="src/main/resources/credentials.props"; };
Note that the contextName in the CXF interceptor is same as in the jaas config file.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.