Caller's username needed in regular service method; using Rampart for authentication

Thu, 25 Sep 2008 02:25:33 -0700 

Hello, everybody.

I'll get right to the point! Here's what I need...

I'm using Axis2, in conjunction with Rampart for user authentication (SSL /
USERNAME_TOKEN_UNKNOWN).

Everything works fine with my class that implements
javax.security.auth.callback.CallbackHandler interface, but I'd like one
additional functionality.

In some way, username (string returned by the getIdentifer() method of
org.apache.ws.security.WSPasswordCallback class) needs to be available to
regular web service methods, not only the ones belonging to class
implenenting the CallbackHandler interface.

So, I don't want clients to pass additional (username) parameter to every
method of my web service since they could pass different values via that
parameter than the username token used for authentication, anyway.

As you can see, I need no persistence, no sessions, nothing, just some way
to access (from regular service method!) a value that before mentioned
method (getIdentifer()) returns. Maybe I could set some request specific
parameter inside my class that implements CallbackHandler interface and then
access that parameter from regular service method. Anything goes!

Something like:
public void doSomething(String param1, String param2) {
String username;
// code that I'm missing to set username variable to the value of
getIdentifer()
}

I need caller's username for some auditing features of my web service.
However, it seems strange to me that I'm the first person with this kind of
problem, so I guess there might be some better way to do what I'm asking for
or the answer is trivial, but I was unable to see it for some reason. :-)

Thanks for your answers in advance,
Pulestar
-- 
View this message in context: 
http://www.nabble.com/Caller%27s-username-needed-in-regular-service-method--using-Rampart-for-authentication-tp19665961p19665961.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to