We've got the same problem in production. It basically isn't a risk
unless you upgrade to a future version of Axis 2/Rampart that they have
decided to remove those classes or the functionality they provide is
turned off.
To minimise the effect of this, all our production web services and web
clients (we have 5 independent axis 2 web services running in
production) use the same re-usable security library that abstracts the
rampart configuration code. So, when we change the ouflowConfiguration
code, we only need to rebuild that jar and re-release it, instead of
having to do full release builds of all our web services.
Sean Conlon wrote:
I am using the deprecated class OutflowConfiguration in order to set my
dynamic usernames and passwords in the OutflowSecurity parameter. Below
are the methods that I use to do this.
What is an alternative approach for me to set my username and password
dynamically? What are my risks with launching this into production with
a deprecated class?
This may be more specific to Rampart then Axis2, but I am hoping that
someone else has had this issue too. Others have documented this
problem, but I have not found a viable solution.
Thanks!
////////////////////////////////////////////////////////
//////////////////////// getStub () ////////////////////
////////////////////////////////////////////////////////
private PartnerAPIStub getStub() throws EmailException {
PartnerAPIStub myStub = null;
try {
EndpointReference endPointReference = new
EndpointReference(endpoint);
ConfigurationContext configurationContext =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(
null, ABSOLUTE_AXIS2_CLIENT_CONFIG_PATH);
myStub = new PartnerAPIStub(configurationContext, endpoint);
ServiceClient serviceClient = myStub._getServiceClient();
Options options = serviceClient.getOptions();
options.setTo(endPointReference);
this.updateOutflowSecurity(myStub);
}
catch (AxisFault e) {
// TODO JL - temp code
throw new EmailException(e);
}
return myStub;
}
////////////////////////////////////////////////////////
////////////////// updateOutflowSecurity() /////////////
////////////////////////////////////////////////////////
private void updateOutflowSecurity(PartnerAPIStub stub) {
ServiceClient serviceClient = stub._getServiceClient();
Options options = serviceClient.getOptions();
OutflowConfiguration ofc = new OutflowConfiguration();
ofc.setActionItems("UsernameToken");
ofc.setUser(apiUsername);
ofc.setPasswordType("PasswordText");
options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY,
ofc.getProperty());
//pwcbhandler is of type PWCBHandler that is injected via
Spring
options.setProperty(WSHandlerConstants.PW_CALLBACK_REF,
pwcbhandler);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Anthony
-------------------------------------
Anthony Bull
Senior Developer
Black Coffee Software Ltd
PO Box 10-192 The Terrace
Wellington, New Zealand
[EMAIL PROTECTED]
Ph +64 4 472 8818
Fax +64 4 472 8811
-------------------------------------
www.bcsoft.co.nz
---------------------------------------------------------------
This email may contain confidential or privileged information,
and is intended for use only by the addressee, or addressees.
If you are not the intended recipient please advise the sender
immediately and do not copy, use or disclose the contents to
any other person or organisation.
Black Coffee Software Ltd accepts no responsibility for viruses
received with this email, or to any changes made to the original
content. Any views or opinions expressed in this email may be
personal to the sender and are not necessarily those of Black
Coffee Software Ltd.
---------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
