I want to secure a collection of Jersey JAX-RS web services running in Mule using user/passwords. Preferably, I need to support two mechanisms for acquiring the user/password. First to pass the credentials as part of the HTTP 'authorization' header. If the credentials are not passed in via the HTTP header, then prompt the user for the credentials. I need both options because the services may be accessed via an automated tool, or manually by a user via the web browser. Additionally I would like to use categories for authentication (e.g. admin, superuser, etc), where some services require different credentials.
How do I do this using Mule, Jersey, and Spring? Can someone please point me towards some example code?