I think your restful service can use http basic auth to carry user/password and then you can leverage CXF JAASLoginInterceptor to authenticate against OSGi container JAAS realm(stored by LDAP in your case).
You can configure the CXF JAASLoginInterceptor like
and then add this interceptor as inInterceptors for your restful cxf service, and this interceptor can wire cxf into OSGi container loginContext.
You may need take a look at my last post of the discussion here, that's about the jaxws endpoint configuration but the JAASLoginInterceptor configuration part should be no big difference. Also that example use ws-security UserNameToken but JAASLoginInterceptor is designed to work with both http basic auth and the ws-security UserNameToken(actually it check basic auth header first) so if your restful request has basic auth header then it should be ok for you.
Hope this helps.
Thanks Freeman I will give it a shot and report back