java maven web-services apache-karaf fuseesb

Is it possible call a properties file to instance a user and password in Apache CXF Blueprint for a Web Service?

I'm relative new with Fuse and WebServices.
I did a SOAP WebService with a BasicAuthAuthorizationInterceptor, this is the actual context and it's working:

<cxf:cxfEndpoint address="/SampleEp" id="insertSomethingToDB" serviceClass="com.example.sample_ep.SampleEp" wsdlURL="wsdl/SampleEP.wsdl">
    <cxf:inInterceptors>
        <ref component-id="securityInterceptor"/>
    </cxf:inInterceptors>
</cxf:cxfEndpoint>

<bean
    class="com.example.middleware.BasicAuthAuthorizationInterceptor" id="securityInterceptor">
    <property name="users">
        <map>
            <entry key="user" value="password"/>
        </map>
    </property>
</bean>

So, to add more security, I'll tried to put the users in a properties file outside the project, this is the idea:

<cxf:cxfEndpoint address="/SampleEp" id="insertSomethingToDB" serviceClass="com.example.sample_ep.SampleEp" wsdlURL="wsdl/SampleEP.wsdl">
    <cxf:inInterceptors>
        <ref component-id="securityInterceptor"/>
    </cxf:inInterceptors>
</cxf:cxfEndpoint>

<bean
    class="com.example.middleware.BasicAuthAuthorizationInterceptor" id="securityInterceptor">
    <property name="users">
        <map>
            <entry key="${cxf.user}" value="${cxf.password}"/>
        </map>
    </property>
</bean>

<bean> add some code to add a *.properties file outside the project </bean>

It is that possible? Or I'm really bad with this?

Solution

Ok, I tried a few of things with Jasypt, JAAS and get the solution:

<ext:property-placeholder>
    <ext:location>file:/this/is/your/path/to/your/propertie/file/cxf.properties
    </ext:location>
</ext:property-placeholder>

<cxf:cxfEndpoint address="/SampleEp" id="insertSomethingToDB"
    serviceClass="com.example.sample_ep.SampleEp" wsdlURL="wsdl/SampleEP.wsdl">
    <cxf:inInterceptors>
        <ref component-id="securityInterceptor" />
    </cxf:inInterceptors>
</cxf:cxfEndpoint>

<bean class="com.example.middleware.BasicAuthAuthorizationInterceptor"
    id="securityInterceptor">
    <property name="users">
        <map>
            <entry key="${cxf.user}" value="${cxf.password}" />
        </map>
    </property>
</bean>

Just only add to your Blueprint header:

xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"

And voilà, it's working with a secure user/pass validation outside your project :D

And the most important thing, the properties file needs this format:

#cxf.properties
cxf.user=administrator
cxf.password=password