Hi Pluestar,
Rampart stores all the security information in the Message Context.
If you can use Rampart SNAPSHOT, then you can easily get the username using
a property in Message Context. But if you are using Rampart 1.4 or older
version, then you have to parse those security information get the username.
This blog post [1] describes how retrieve the username from the Message
Context in both cases.
thanks,
nandana
[1] - http://nandana83.blogspot.com/2008/09/accessing-username-used-for.html
On Thu, Sep 25, 2008 at 2:54 PM, Pulestar <[EMAIL PROTECTED]> wrote:
>
> Hello, everybody.
> I'll get right to the point! Here's what I need...
>
> I'm using Axis2, in conjunction with Rampart for user authentication (SSL /
> USERNAME_TOKEN_UNKNOWN).
>
> Everything works fine with my class that implements
> javax.security.auth.callback.CallbackHandler interface, but I'd like one
> additional functionality.
>
> In some way, username (string returned by the getIdentifer() method of
> org.apache.ws.security.WSPasswordCallback class) needs to be available to
> regular web service methods, not only the ones belonging to class
> implenenting the CallbackHandler interface.
>
> So, I don't want clients to pass additional (username) parameter to every
> method of my web service since they could pass different values via that
> parameter than the username token used for authentication, anyway.
>
> As you can see, I need no persistence, no sessions, nothing, just some way
> to access (from regular service method!) a value that before mentioned
> method (getIdentifer()) returns. Maybe I could set some request specific
> parameter inside my class that implements CallbackHandler interface and
> then
> access that parameter from regular service method. Anything goes!
>
> Something like:
> public void doSomething(String param1, String param2) {
> String username;
> // code that I'm missing to set username variable to the value of
> getIdentifer()
> }
>
> I need caller's username for some auditing features of my web service.
> However, it seems strange to me that I'm the first person with this kind of
> problem, so I guess there might be some better way to do what I'm asking
> for
> or the answer is trivial, but I was unable to see it for some reason. :-)
>
> Thanks for your answers in advance,
> Pulestar
> --
> View this message in context:
> http://www.nabble.com/Caller%27s-username-needed-in-regular-service-method--using-Rampart-for-authentication-tp19665961p19665961.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
http://www.wso2.org
