This is another post in series Maven + Apache Felix + CXF + DOSGi Series. Here I will describe how to secure CXF published web services with HTTP basic authentication. You can find the sources on my GitHub account.
We will have three projects here. The first one defines an interface for a service. Another one provides implementation for it. And the third one will provide security.
dosgiSecurity dosgiSecurity-api dosgiSecurity-impl dosgiSecurity-security
dosgiSecurity will be just a holder project.
HelloService in bundle
dosgiSecurity-api will be similar to the one we defined in
Nginx supports only plain passwords file without any encryption on Windows! Totaly crazy! That means, intead of:
One has to have plain password:
Here is asmall basic authentication how-to for a web application in GlassFish 3.
Open GlassFish Administrative Console. Go to
There is a
default-web.xml file in GlassFish which configure some stuff behind the scenes. This file can be found in domains->domain->config folder.
By default, in GlassFish v3 directory listing is disabled. But one can easily enable it by modifying
<init-param> <param-name>debug</param-name> <param-value>0</param-value> </init-param>
Or if there is no possibility to modify the
The book is about security in Java EE with EJB, Application Client modules and all the friends. Security in GlassFish is a central point of this book. And what is more, there are plenty of real world code and configuration samples. More information about the book can be found on dedicated page on Packt website.