Hi, everyone:
I am using rampart-1.4 to secure an axis2-1.4 web service.
Here is my setting on client.axis2.xml for rampart:
    <module ref="rampart" />
    <parameter name="OutflowSecurity">
        <action>
            <items>UsernameToken Timestamp</items>
            <user>wsuser</user>
            <passwordCallbackClass>org.kepler.executionWS.client.PWHandlerClient</passwordCallbackClass>
        </action>
    </parameter>
The PWHandlerClient class will read a property file to set password for
wsuser:
    import java.io.BufferedInputStream;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.util.Properties;
    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.UnsupportedCallbackException;
    import org.apache.ws.security.WSPasswordCallback;

    public class PWHandlerClient implements CallbackHandler {
        private static final String WS_USER_PROPS =
            "conf/UserManagement.properties";

        public void handle(Callback[] callbacks) throws IOException,
                UnsupportedCallbackException {
            for (int i = 0; i < callbacks.length; i++) {
                WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
                String id = pwcb.getIdentifer();
                if (id == null)
                    System.out.println("no users");
                // get user info from configuration file
                BufferedInputStream prosFile = null;
                try {
                    Properties pros = new Properties();
                    prosFile = new BufferedInputStream(
                        new FileInputStream(WS_USER_PROPS));
                    pros.load(prosFile);
                    pwcb.setPassword(pros.getProperty(id));
                } catch (Exception e) {
                    e.printStackTrace();
                } finally {
                    // release the file handle on every path
                    if (prosFile != null)
                        prosFile.close();
                }
            }
        }
    }
Here is my services.xml about the rampart on my service side:
    <module ref="rampart" />
    <parameter name="InflowSecurity">
        <action>
            <items>UsernameToken Timestamp</items>
            <passwordCallbackClass>org.kepler.executionWS.PWHandlerServer</passwordCallbackClass>
        </action>
    </parameter>
The PWHandlerServer class looks like:
    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
        for (int i = 0; i < callbacks.length; i++) {
            if (callbacks[i] instanceof WSPasswordCallback) {
                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
                System.out.println("" + i + "=========== the identifier is "
                        + pc.getIdentifer());
                System.out.println("" + i + "=========== the usag is "
                        + pc.getUsage());
                System.out.println("" + i + "=========== the password is "
                        + pc.getPassword());
                pc.setPassword("wsuserPass");
            }
        }
        System.out.println("reach the end =====!");
    }
The output always is:
0=========== the identifier is wsuser
0=========== the usag is 2
0=========== the password is null
reach the end =====!
You see, the service PWHandlerServer couldn't get the password. The
value is null. I have to manually set the password by:
    pc.setPassword("wsuserPass");
By the way, the username/password (they are wsuser/wsuserPass) was sent to
the service correctly. If I set a different password by
pc.setPassword("hello") on the service side, my code will get a
WSSecurityException.
My purpose is: if I can get the username/password pair on the service side,
I can send this pair to an LDAP server to authenticate if the
username/password from the client is valid. If it is valid, the operation
will continue. Otherwise, it stops.
I looked at an article on this page:
http://wso2.org/library/3190#Step_3._Engaging_Rampart_and_setting_authentication_information
On service side, it has some code like:
    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
        for (int i = 0; i < callbacks.length; i++) {
            // When the server side needs to authenticate the user
            WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
            if (pwcb.getIdentifer().equals("apache")
                    && pwcb.getPassword().equals("password")) {
                // If authentication successful, simply return
                return;
            } else {
                throw new UnsupportedCallbackException(callbacks[i],
                        "check failed");
            }
        }
    }
It seems his code can get the password on service's CallbackHandler.
Do you have any idea why I can't get the password on the service side?
Thank you very much!
Regards,
Jing
By the way, my client code is:
    /**
     * Constructor
     */
    public KeplerExeWSClient(String endPoint, boolean loadConfigFromJar)
            throws Exception {
        this.loadConfigFromJar = loadConfigFromJar;
        options = new Options();
        options.setProperty(Constants.Configuration.ENABLE_SWA,
                Constants.VALUE_TRUE);
        options.setSoapVersionURI(SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI);
        // Increase the time out when sending large attachments
        options.setTimeOutInMilliSeconds(1000000);
        EndpointReference epr = new EndpointReference(endPoint);
        options.setTo(epr);
        if (loadConfigFromJar) {
            //System.out.println("load config from jar");
            cofigContext =
                ConfigurationContextFactory.createDefaultConfigurationContext();
        } else {
            //System.out.println("load config from file system");
            cofigContext =
                ConfigurationContextFactory.createConfigurationContextFromFileSystem(
                    this.axis2ModulePath, this.axis2xmlPath);
        }
    }

    /**
     * Get the status of a workflowRun with given id
     * @param workflowRunId
     * @return
     */
    public String getStatus(String workflowRunId) throws Exception
    {
        String action = "getStatus";
        options.setAction("urn:" + action);
        OperationClient keplerWSClient = createOperationClient(options);
        MessageContext mc = createMessageWithoutAttach(action, workflowRunId);
        keplerWSClient.addMessageContext(mc);
        keplerWSClient.execute(true);
        // Let's get the message context for the response
        OMElement outputs = getResponseOMElement(keplerWSClient, action);
        // get corresponding output
        OMElement outputOME = outputs.getFirstChildWithName(
                new QName(KEPLER_NAME_SPACE, "return"));
        return outputOME.getText();
    }

    /*
     * Creates an OperationClient object
     */
    private OperationClient createOperationClient(Options options)
            throws Exception
    {
        ServiceClient sender = new ServiceClient(cofigContext, null);
        sender.setOptions(options);
        OperationClient keplerWSClient = sender
                .createClient(ServiceClient.ANON_OUT_IN_OP);
        return keplerWSClient;
    }