[
https://issues.apache.org/jira/browse/CXF-7677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16396149#comment-16396149
]
Sumeet Mahajan edited comment on CXF-7677 at 3/12/18 10:13 PM:
---------------------------------------------------------------
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import
sungard.expert.exception.webservices.planParticipant.WebServiceRuntimeException;
import sungard.expert.webservices.planParticipant.Authenticator;
public class ReliusServerPasswordCallback implements CallbackHandler {
@Override
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
String loginName = pc.getIdentifier();
String password = pc.getPassword();
boolean authenticated = Authenticator.authenticate(loginName, password);
if (!authenticated){
throw new WebServiceRuntimeException("Invalid UserName or Password!"); }
}
}
was (Author: sumeet80):
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import
sungard.expert.exception.webservices.planParticipant.WebServiceRuntimeException;
import sungard.expert.webservices.planParticipant.Authenticator;
public class Relius360ServerPasswordCallback implements CallbackHandler {
@Override
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
String loginName = pc.getIdentifier();
String password = pc.getPassword();
boolean authenticated = Authenticator.authenticate(loginName, password);
if (!authenticated){
throw new WebServiceRuntimeException("Invalid UserName or Password!");
}
}
}
> With CXF 3.2.1, using UsernameToken, cannot receive password in callback
> ------------------------------------------------------------------------
>
> Key: CXF-7677
> URL: https://issues.apache.org/jira/browse/CXF-7677
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 3.2.1
> Environment: Java 8.
> CXF 3.2.1
> wss4j-2.1.jar
> xmlsec-2.1.0.jar
> Reporter: Sumeet Mahajan
> Priority: Critical
> Attachments: soap-request.xml
>
>
> I am attaching my SOAP request.
> It has SOAP Header with usernametoken which also has username and password in
> plain text.
> I wrote a CallbackHandler to receive this username and password on server.
> I used to get the username and password in cxf 2.7.6 in my callbackhandler.
> Whereas in cxf 3.2.1 I am no longer getting password. Its coming in as null.
> I did follow the new classes (WSPasswordCallback) and changed the package etc.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
