Re: axis2 rampart

Fri, 12 Dec 2014 06:07:46 -0800 

Hi,

it is quite simple to fetch the username/password from the WS-Security
UserNameToken :


public class PasswordCBHandler
             implements CallbackHandler
{
  @Override
  public void handle( Callback[] callbacks )
              throws IOException, UnsupportedCallbackException
  {
     for( Callback cb : callbacks ) {
        WSPasswordCallback pwcb = (WSPasswordCallback)cb;
        if( (pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN) ||
            (pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) )
        {
          String userid = pwcb.getIdentifier();
          String pwd = pwcb.getPassword();

          boolean isvalid = false;
          // Do the authentication stuff here, leads to isvalid=true/false

          if( isvalid ) {
              logInfo( "PasswordCBHandler.handle(): "+userid+" ok." );
              return;
          } else {
              logWarn( "PasswordCBHandler.handle(): "+userid+" failed." );
              throw new UnsupportedCallbackException(cb, "check failed");
          }
        }
     }
  }
}

And in services.xml of the webservices:

<service name="SomeService" scope="application"
                                class="xx.yy.SomeService" >

   <parameter name="useOriginalwsdl">true</parameter>
   <parameter name="modifyUserWSDLPortAddress">true</parameter>
    <!-- some other configurations -->

    <!-- Authentifizierung via WS-Security (Username-Token) -->
    <module ref="rampart" />
    <parameter name="InflowSecurity">
        <action>
           <items>UsernameToken</items>
           <passwordCallbackClass>
                 xx.yy.PasswordCBHandler
           </passwordCallbackClass>
        </action>
    </parameter>

</service>


That should work, if rampart is activated in axis.xml.

Cheers
Jörg




> juergen sorg <j.s...@fz-juelich.de> hat am 12. Dezember 2014 um 12:45
> geschrieben:
>
>
> hi,
>
> i tried to authenticate soap service users against an microsoft active
> directory.
> is it possible within the CallbackHandler to get the password provided
> by the user within the soap message?
>
> i read something about getUsage==USERNAME_TOKEN_UNKOWN but i do not know
> the settings in rampart to get axis call the callback in this way. (in
> this case the password sould be provided by WSPasswordCallback.getPassword)
>
> i also tried to get a MessageContext within the callback routine. but
> this is not possible. the result of getCurrentMessageContext is null.
>
> thanks in advance
>
>
> gruss juergen
>
>
>
>

Reply via email to