Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-4829

Add OperationInfo based authorization interceptor

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.3
    • Fix Version/s: 2.7.4, 2.6.7, 3.0.0-milestone1
    • Component/s: Core
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      CXF provides a simple authorizing feature using SimpleAuthorizingInterceptor. However, this interceptor assumes there is a service class available at the endpoint and roles are assigned to its methods. That means, it does not work if there is no service class (e.g., you are using just a WSDL file). In such cases, it is more appropriate to use the service's operation information to perform authorization.

        Attachments

          Activity

            People

            • Assignee:
              ay Akitoshi Yoshida
              Reporter:
              ay Akitoshi Yoshida
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: