[CXF-4829] Add OperationInfo based authorization interceptor - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.7.3
Fix Version/s: 2.7.4, 2.6.7, 3.0.0-milestone1
Component/s: Core
Labels:
None

Estimated Complexity:
Unknown

Description

CXF provides a simple authorizing feature using SimpleAuthorizingInterceptor. However, this interceptor assumes there is a service class available at the endpoint and roles are assigned to its methods. That means, it does not work if there is no service class (e.g., you are using just a WSDL file). In such cases, it is more appropriate to use the service's operation information to perform authorization.

Attachments

Activity

People

Assignee:: Akitoshi Yoshida

Reporter:: Akitoshi Yoshida

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 14/Feb/13 11:54

Updated:: 09/Apr/13 15:15

Resolved:: 15/Feb/13 10:27