[jira] [Commented] (CXF-7677) With CXF 3.2.1, using UsernameToken, cannot receive password in callback

Mon, 12 Mar 2018 15:16:20 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-7677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16396155#comment-16396155
 ] 

Sumeet Mahajan commented on CXF-7677:
-------------------------------------

Adding my jaxws configuration:

 

<bean id="relius360PasswordCallback" 
class="sungard.planning.web.services.impl.ReliusServerPasswordCallback" />

<jaxws:endpoint id="relius360planparticipantcalcsei"
 
implementor="sungard.planning.web.services.impl.Relius360PlanParticipantCalcSEIImpl"
 wsdlLocation="wsdl/relius360planparticipantcalcsei.wsdl" 
 address="/relius360planparticipantcalcsei">

<jaxws:inInterceptors>
 <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
 <constructor-arg>
 <map>
 <entry key="isBSPCompliant" value="false" />
 <entry key="action" value="UsernameToken"/>
 <entry key="passwordType" value="PasswordText"/>
 <entry key="passwordCallbackRef">
 <ref bean="relius360PasswordCallback"/>
 </entry>
 </map>
 </constructor-arg>
 </bean>
 </jaxws:inInterceptors>
 <jaxws:features/>
 <jaxws:properties>
 <entry key="ws-security.enable.nonce.cache" value="false" />
 <entry key="ws-security.enable.timestamp.cache" value="false" />
 </jaxws:properties>
 </jaxws:endpoint>

> With CXF 3.2.1, using UsernameToken, cannot receive password in callback
> ------------------------------------------------------------------------
>
>                 Key: CXF-7677
>                 URL: https://issues.apache.org/jira/browse/CXF-7677
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 3.2.1
>         Environment: Java 8.
> CXF 3.2.1
> wss4j-2.1.jar
> xmlsec-2.1.0.jar
>            Reporter: Sumeet Mahajan
>            Priority: Critical
>         Attachments: soap-request.xml
>
>
> I am attaching my SOAP request.
> It has SOAP Header with usernametoken which also has username and password in 
> plain text.
> I wrote a CallbackHandler to receive this username and password on server.
> I used to get the username and password in cxf 2.7.6 in my callbackhandler. 
> Whereas in cxf 3.2.1 I am no longer getting password. Its coming in as null. 
> I did follow the new classes (WSPasswordCallback) and changed the package etc.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to