RE: How to get username/password on the service side by using rampart

Wed, 17 Aug 2011 04:49:14 -0700 

Is any good e-book for Axis2

 

Dipesh Garg

 

  _____  

From: Thilina Mahesh Buddhika [mailto:thilin...@gmail.com] 
Sent: Wednesday, August 17, 2011 2:57 PM
To: java-user@axis.apache.org
Subject: Re: How to get username/password on the service side by using
rampart

 

Hi Jing,

 

By looking at the code segments and configurations, I could not identify
anything suspicious. I am not sure whether there is a bug in this particular
version.

 

Is it possible for you to try this with the latest release (Rampart 1.5.1
and Axis2 1.5.5). Also please try to use the policy based configuration,
because that is the model we encourage users to follow. You can find a
similar scenario in the first sample of under the policy section in the
Rampart distribution.

 

Thanks,

Thilina

On Wed, Aug 17, 2011 at 5:15 AM, jing <t...@nceas.ucsb.edu> wrote:

Hi, everyone:

I am using rampart-1.4 to secure a axis2-1.4 web service.

Here is my setting on client.axis2.xml for rampart:

<module ref="rampart" />
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<user>wsuser</user>
<passwordCallbackClass>org.kepler.executionWS.client.PWHandlerClient</passwo
rdCallbackClass>
</action>
</parameter>

The PWHandlerClient class will read a property file to set password for
wsuser:
 public class PWHandlerClient implements CallbackHandler {

   private static final String WS_USER_PROPS =
"conf/UserManagement.properties";


   public void handle (Callback[] callbacks) throws IOException,
UnsupportedCallbackException {

       for (int i = 0; i < callbacks.length; i++) {
           WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
           String id = pwcb.getIdentifer();
           if (id == null)
               System.out.println("no users");
           //get user info from configuration file
           try {
               Properties pros = new Properties();
               BufferedInputStream prosFile = new BufferedInputStream(new
FileInputStream(WS_USER_PROPS));
               pros.load(prosFile);
               pwcb.setPassword(pros.getProperty(id));
           } catch (FileNotFoundException e) {
               e.printStackTrace();
           } catch (IOException e) {
               e.printStackTrace();
           } catch (Exception e) {
               e.printStackTrace();
           }
       }
   }
}


Here is my services.xml about the rampart on my service side:
<module ref="rampart" />
<parameter name="InflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<passwordCallbackClass>org.kepler.executionWS.PWHandlerServer</passwordCallb
ackClass>
</action>
</parameter>

The PWHandlerServer class looks like:
 public void handle (Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
       for (int i = 0; i < callbacks.length; i++) {
           if (callbacks[i] instanceof WSPasswordCallback) {
               WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
               System.out.println(""+i+"=========== the identifier is
"+pc.getIdentifer());
               System.out.println(""+i+"=========== the usag is
"+pc.getUsage());
               System.out.println(""+i+"=========== the password is
"+pc.getPassword());
               pc.setPassword("wsuserPass");
           }
       }
       System.out.println("reach the end =====!");
   }

The output always is:
0=========== the identifier is wsuser
0=========== the usag is 2
0=========== the password is null
reach the end =====!

You see, the service PWHandlerServer couldn't get the password. The value is
null. I have to manually set the password by:
pc.setPassword("wsuserPass");

By the way, the username/password (they wsuser/wsuserPass) was sent to the
service correctly. If i set a different password by:
pc.setPassword("hello") on the service side,my code will get a
WSSecurityException.


My purpose is:  if i can get the username/password pair on service side, I
can send this pair to a ldap server to authenticate if the username/password
from client is valid. If it is valid, the operation will be continue.
Otherwise, it stops.

I looked an article on this page:
http://wso2.org/library/3190#Step_3._Engaging_Rampart_and_setting_authentica
tion_information
On service side, it has some code like:

 public void handle(Callback[] callbacks) throws IOException,
           UnsupportedCallbackException {

       for (int i = 0; i<  callbacks.length; i++) {

           //When the server side need to authenticate the user
           WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];

           if(pwcb.getIdentifer().equals("apache")&&
pwcb.getPassword().equals("password")) {
               //If authentication successful, simply return
               return;
           } else {
               throw new UnsupportedCallbackException(callbacks[i], "check
failed");
           }

       }
   }

It seems his code can get the password on service's CallbackHandler.

Do you have any idea why i can't get the password on the service side?

Thank you very much!

Regards,

Jing


By the way, my client code is:
   /**
    * Constructor
    */
   public KeplerExeWSClient(String endPoint, boolean loadConfigFromJar)
throws Exception{
       this.loadConfigFromJar = loadConfigFromJar;
       options = new Options();
       options.setProperty(Constants.Configuration.ENABLE_SWA,
               Constants.VALUE_TRUE);
 
options.setSoapVersionURI(SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI);
       // Increase the time out when sending large attachments
       options.setTimeOutInMilliSeconds(1000000);
       EndpointReference epr = new EndpointReference(endPoint);
       options.setTo(epr);
       if (loadConfigFromJar) {
           //System.out.println("load config from jar");
           cofigContext =
ConfigurationContextFactory.createDefaultConfigurationContext();

       } else {
           //System.out.println("load config from file system");
           cofigContext =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(this.ax
is2ModulePath, this.axis2xmlPath);
       }
   }

   /**
    * Get the status of a workflowRun with given id
    * @param workflowRunId
    * @return
    */
   public String getStatus(String workflowRunId) throws Exception
   {
       String action = "getStatus";
       options.setAction("urn:"+action);
       OperationClient keplerWSClient = createOperationClient(options);
       MessageContext mc = createMessageWithoutAttach(action,
workflowRunId);
       keplerWSClient.addMessageContext(mc);
       keplerWSClient.execute(true);

        //Let's get the message context for the response
       OMElement outputs = getResponseOMElement(keplerWSClient, action);
       //get corresponding output
       OMElement outputOME = outputs.getFirstChildWithName(new
QName(KEPLER_NAME_SPACE,"return"));

       return outputOME.getText();
   }

   /*
    * Creates an OperationClient object
    */
   private OperationClient createOperationClient(Options options) throws
Exception
   {
       ServiceClient sender = new ServiceClient(cofigContext, null);
       sender.setOptions(options);
       OperationClient keplerWSClient = sender
               .createClient(ServiceClient.ANON_OUT_IN_OP);
       return keplerWSClient;
   }




---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org
For additional commands, e-mail: java-user-h...@axis.apache.org





 

-- 
Thilina Mahesh Buddhika
http://blog.thilinamb.com

Reply via email to