[CXF-5165] add a JAAS authenticator for ServiceListPage - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.6.10, 2.7.7, 3.0.0-milestone1
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

currently we already have an org.apache.cxf.servlet.hide-service-list-page flag to indicate hide service list page or not, but sometimes users wanna a username/password to protect this page so that request with correct credential can view this page. Introduce a ServiceListJAASAuthenticator class which can delegate the authentication to container level realm can make this simple, if http header has correct credential, then return the servicelist page, otherwise return 401 HTTP code.

Should introduce another two flags, one specify the realm name, the other one indicate if need auth or not(default value is false to keep the behavior as is)

Attachments

Activity

People

Assignee:: Freeman Yue Fang

Reporter:: Freeman Yue Fang

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 29/Jul/13 09:25

Updated:: 27/Sep/13 18:18

Resolved:: 02/Aug/13 08:33