We are using CXF + DOSGI rest services
Interface:
@Path("/")
public interface DefaultApi{
@POST
@Path("/public/login")
@Consumes({ "application/json" })
@Produces({ "application/json" })
public Response login(@HeaderParam("User-Agent") String userAgent,@QueryParam("username") String username,@QueryParam("password") String password,
@Context UriInfo uriInfo,
@Context ResourceContext recourceContext);
Implementation:
@Component(immediate = true, configurationPolicy = ConfigurationPolicy.REQUIRE, configurationPid = "frontend.rest")
public class DefaultApiImpl implements DefaultApi {
Is it possible to use Apache Deltaspike for Method level Authorization along with CXF + DOSGI https://deltaspike.apache.org/documentation/security.html If possible how to do it ?
Is there any other alternative to do method level authorization with CXF + DOSGI
You can not mix deltaspike and declarative services. Deltaspike security is a cdi extension so you need to use pax cdi to expose your OSGi service.
Another thing is that you need to do the authentication in some way. I recommend to use the CXF JAASAuthenticationFeature. It can do basic auth against the configured jaas provider in karaf. The result is a jaas login that you probably can use in deltaspike security to base your authorization on.