I found the solution I was looking for:

http://www.unix.org.ua/orelly/java-ent/servlet/ch08_01.htm
Chapter 8.2: Security in a servlet

Michael

Michael Imhof wrote:
> 
> Thanks Anthony,
> 
> that's exactly what I wanna do. But the problem starts already at
> the first line because "MessageContext.getCurrentMessageContext();" is
> returning <null>!
> 
> Do you have an idea why this is <null>?
> 
> Michael
> 
> PS: The webserver I'm using is from the apache ofbiz project. There is a
> ofbiz nabble forum but
> I posted the problem here because I think it's more a axis specific
> problem (probably I'm wrong?).
> 
> 
> 
> Anthony Bull wrote:
>> 
>> 
>> Hi Michael, 
>> 
>> there are newer ways of doing this, but I haven't gotten around to
>> getting them working (had difficulties....). 
>> 
>> In your skeleton try the following - it has a deprecated call in it,
>> but it still works with 1.2 and 1.3, so is fine for the time being...... 
>> 
>> &nbsp;//&nbsp;Extract&nbsp;the&nbsp;username&nbsp;token&nbsp;from&nbsp;the&nbsp;soap&nbsp;headers.&nbsp;This&nbsp;uses&nbsp;deprecated
>>  
>> &nbsp;&nbsp;//&nbsp;axis-2&nbsp;methods&nbsp;on&nbsp;WSSecurityEngineResult,&nbsp;which&nbsp;probably&nbsp;need&nbsp;to&nbsp;be&nbsp;replaced
>>  
>> &nbsp;&nbsp;//&nbsp;with&nbsp;the&nbsp;newer&nbsp;code,&nbsp;once&nbsp;it&nbsp;is&nbsp;discovered&nbsp;what&nbsp;that&nbsp;code&nbsp;is.
>>  
>> &nbsp;&nbsp;private&nbsp;String&nbsp;getUserNameToken()&nbsp;{ 
>> &nbsp;&nbsp;&nbsp;try&nbsp;{ 
>> &nbsp;&nbsp;&nbsp;&nbsp;MessageContext&nbsp;messageContext&nbsp;=&nbsp;MessageContext.getCurrentMessageContext();
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"Method&nbsp;call:&nbsp;getUserNameToken");
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;Vector&nbsp;results&nbsp;=&nbsp;null; 
>> &nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;((results&nbsp;=&nbsp;(Vector)&nbsp;messageContext.getProperty(&nbsp;WSHandlerConstants.RECV_RESULTS))&nbsp;==&nbsp;null)&nbsp;{
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"Exceptional&nbsp;return:&nbsp;no&nbsp;security&nbsp;headers&nbsp;in&nbsp;message&nbsp;context");
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throw&nbsp;new&nbsp;RuntimeException(&nbsp;"No&nbsp;security&nbsp;headers&nbsp;available&nbsp;in&nbsp;message&nbsp;context!!");
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;else&nbsp;{ 
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"results&nbsp;size&nbsp;=&nbsp;"&nbsp;+&nbsp;results.size());
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for&nbsp;(int&nbsp;i=0;&nbsp;i&lt;results.size();&nbsp;i++)&nbsp;{
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;Get&nbsp;hold&nbsp;of&nbsp;the&nbsp;WSHandlerResult&nbsp;instance.
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WSHandlerResult&nbsp;rResult&nbsp;=&nbsp;(WSHandlerResult)&nbsp;results.get(&nbsp;i);
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Vector&nbsp;wsSecEngineResults&nbsp;=&nbsp;rResult.getResults();
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"wsEngineResults.size&nbsp;=&nbsp;"&nbsp;+&nbsp;wsSecEngineResults.size());
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for&nbsp;(&nbsp;int&nbsp;j=0;&nbsp;j&lt;wsSecEngineResults.size();&nbsp;j++)&nbsp;{
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//Get&nbsp;hold&nbsp;of&nbsp;the&nbsp;WSSecurityEngineResult&nbsp;instance
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WSSecurityEngineResult&nbsp;engineResult&nbsp;=&nbsp;(WSSecurityEngineResult)&nbsp;wsSecEngineResults.get(&nbsp;j);
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"engineResult.getPrincipal()&nbsp;=&nbsp;"&nbsp;+&nbsp;engineResult.getPrincipal());
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;(&nbsp;engineResult.getPrincipal()&nbsp;instanceof&nbsp;WSUsernameTokenPrincipal)&nbsp;{
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;Extract&nbsp;the&nbsp;principal.
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WSUsernameTokenPrincipal&nbsp;principal&nbsp;=&nbsp;(WSUsernameTokenPrincipal)&nbsp;engineResult.getPrincipal();
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//Get&nbsp;user/pass
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"Normal&nbsp;return:&nbsp;getUserNameToken&nbsp;result&nbsp;=&nbsp;"&nbsp;+&nbsp;principal.getName());
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;principal.getName();
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//String&nbsp;passwd&nbsp;=&nbsp;principal.getPassword();
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;throw&nbsp;new&nbsp;RuntimeException(&nbsp;"Username&nbsp;security&nbsp;header&nbsp;not&nbsp;available&nbsp;in&nbsp;message&nbsp;context!!");
>>  
>> &nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;catch&nbsp;(&nbsp;RuntimeException&nbsp;e)&nbsp;{ 
>> &nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;Log&nbsp;any&nbsp;exceptions&nbsp;before&nbsp;rethrowing&nbsp;them,&nbsp;as&nbsp;axis2&nbsp;doesnt&nbsp;tend&nbsp;to
>>  
>> &nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;log&nbsp;message&nbsp;receiver&nbsp;errors. 
>> &nbsp;&nbsp;&nbsp;&nbsp;logger.error(&nbsp;e.getMessage(),&nbsp;e); 
>> &nbsp;&nbsp;&nbsp;&nbsp;throw&nbsp;e; 
>> &nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;} 
>> 
>> Michael Imhof wrote:
>> 
>>   We're using Axis Webservices and they are secured by basic
>> authentication.
>> 
>> Now, I would to access the user/password information of the basic
>> authentication
>> (this information must be send to the server anywhere).
>> 
>> How can I access this information.
>> 
>> Regards,
>> 
>> Michael
>>   
>> 
>> 
>> 
>> 
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>> 
>> 
>> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/Accessing-authentication-information-tf4481853.html#a12795377
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to