I have a webapp that has Basic-Authentication support thru Spring-Security configuration. I want to test my JAXRS (using CXF) based services using local-transport with Basic-Auth enabled. The following is my java-config where I have expression based Spring-Security config which does enable Basic-Auth when deployed on Tomcat. However, it does not work on local-transport. Is there a tutorial on how to achieve Basic-Auth on local-transport using Spring-Security?
@Override
protected void configure(HttpSecurity http) throws Exception {
logger.debug("security configuration");
http.authorizeRequests()
.antMatchers("/user/**").access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')")
.and()
.formLogin().loginPage("/login").failureUrl("/login?error").successHandler(authenticationSuccessHandler)
.usernameParameter("username").passwordParameter("password")
.and()
.logout().logoutSuccessUrl("/login?logout").and().csrf()
.and().authorizeRequests().antMatchers("/soa/**").
access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')").and().httpBasic().and().csrf().disable();
Thanks
-Sonam
@Override
protected void configure(HttpSecurity http) throws Exception {
logger.debug("security configuration");
http.authorizeRequests()
.antMatchers("/user/**").access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')")
.and()
.formLogin().loginPage("/login").failureUrl("/login?error").successHandler(authenticationSuccessHandler)
.usernameParameter("username").passwordParameter("password")
.and()
.logout().logoutSuccessUrl("/login?logout").and().csrf()
.and().authorizeRequests().antMatchers("/soa/**").
access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')").and().httpBasic().and().csrf().disable();
Thanks
-Sonam