I'm running tomcat 6 with cxf 2.7.11 using HTTP Basic for authentication.
My code to get the currently authenticate user is something like this:
if (webctx == null) {
return "anonymous";
if (webctx.getUserPrincipal() != null) {
return webctx.getUserPrincipal().getName();
//otherwise dive into the message context
After stepping through the debugger, the only place where the username is
available with this class, which is attached to the webctx:
org.apache.cxf.configuration.security.AuthorizationPolicy
I can confirm that the clients are sending credentials and is getting past
tomcat's authentication on the server side. However, I'd really like to
stay web service stack agnostic and like to get webctx.getUserPrincipal()
populated.
The services are deployed via beans.xml and have no cxf specific handlers
or configuration added other than jaxws:endpoint.
So the question is, what am I doing wrong? (or better, how can get i get
getUserPrincipal populated?)
My code to get the currently authenticate user is something like this:
if (webctx == null) {
return "anonymous";
if (webctx.getUserPrincipal() != null) {
return webctx.getUserPrincipal().getName();
//otherwise dive into the message context
After stepping through the debugger, the only place where the username is
available with this class, which is attached to the webctx:
org.apache.cxf.configuration.security.AuthorizationPolicy
I can confirm that the clients are sending credentials and is getting past
tomcat's authentication on the server side. However, I'd really like to
stay web service stack agnostic and like to get webctx.getUserPrincipal()
populated.
The services are deployed via beans.xml and have no cxf specific handlers
or configuration added other than jaxws:endpoint.
So the question is, what am I doing wrong? (or better, how can get i get
getUserPrincipal populated?)