Les classes autogénérée du service SOAP sont présentes dans un jar.

Dépendances nécessaires :

<dependency>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-rt-frontend-jaxws</artifactId>
    <scope>compile</scope>
</dependency>
<dependency>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-rt-transports-http</artifactId>
    <scope>compile</scope>
</dependency>

Authentication avec un service SOAP :

import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;

/**
 * Spring configuration to create authentication beans.
 */
@Configuration
public class AuthenticationConfig extends SpringConfig {

    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationConfig.class.getCanonicalName());

    /**
     * Instantiates the Authentication configuration.
     *
     * @param environment the Spring environment.
     */
    public AuthenticationConfig(Environment environment) {
        super(environment);
    }

    /**
     * return endpoint.
     *
     * @return MyAuthenticationServicesWSP service.
     */
    @Bean
    public MyAuthenticationServicesWSP myAuthenticationServicesWSP() {
        JaxWsProxyFactoryBean jaxWsFactory = new JaxWsProxyFactoryBean();
        jaxWsFactory.setServiceClass(MyAuthenticationServicesWSP.class);
        String url = this.getContext().getBean("authenticationUrl", String.class) + getProperty("suffix.authentication");
        jaxWsFactory.setAddress(url );
        return (MyAuthenticationServicesWSP) jaxWsFactory.create();
    }

    /**
     * The authentication service.
     *
     * @return the full service that can authenticate a user.
     */
    @Bean
    public AuthenticationService authenticationService() {
        LOGGER.debug("Initializing authentication service");

        return new AuthenticationService(
                this.myAuthenticationServicesWSP(),
        );
    }
}

Configuration de la sécurité côté sécurité :

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.xml.ws.WebServiceException;

/**
 * The authentication service. Request the SAOP service with auto-generated classes.
 */
public class AuthenticationService {

    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationService.class.getCanonicalName());

    private final MyAuthenticationServicesWSP myAuthenticationServicesWSP;

    /**
     * Instantiate the service.
     *
     * @param myAuthenticationServicesWSP the service to request sesame.
     */
    public AuthenticationService(MyAuthenticationServicesWSP myAuthenticationServicesWSP) {
        this.myAuthenticationServicesWSP = myAuthenticationServicesWSP;

    }

    /**
     * Authenticate the user and retrieve a token to manage the user session.
     *
     * @param login    the user's login.
     * @param password the user's password.
     * @return the created token.
     * @throws MyException In case an exception is thrown.
     */
    public String login(String login, String password) throws MyException {

        if (login == null || login.length() == 0) {
            throw new MyException("L'identifiant est vide.");
        }
        else if (password == null || password.length() == 0) {
            throw new MyException("Le mot de passe est vide.");
        }

        String token;
        try {
            token = myAuthenticationServicesWSP.login(login, password);
        }
        catch (Exception e) {
            throw new MyException("There was an error");
        }

        return token;
    }

}