Hi,
I had already sent a message to the DEV group and did not receive any
reply, so I am sending the same message again as I am looking for a
solution to this problem urgently.......
I am trying to implement SecureConversation as defined in Rampart's
"\policy\sample04" example in the samples directory of the rampart-1.3
release.
The client sends multiple SOAP messages to the server[1]. The messages
are authenticated using the UsernameToken in PWCallback class.
Now my question is that every time I send a SOAP message the
authentication logic in PWCallback class[2] is also executed for every
request.
Is there a way to identify that all the subsequent
messages("client.sendReceive") are from the same session so that the
authentication will happen only once by calling the PWCallback handler
class only once? Is there a way to achieve this?
In real project scenario the PWCallback class will contain calls to LDAP
for authentication and the whole purpose we are trying to implement
WS-SecureConversation in addition to WS-Security is that we can to
Secure Conversation between messages and not have to do LDAP
authentication for every message. Any help is highly appreciated.
Thanks in advance.
Bhushan Gupte
[1] OMElement response = client.sendReceive(getPayload("Hello
world1"));
System.out.println("Response 1 : " + response);
response = client.sendReceive(getPayload("Hello world2"));
System.out.println("Response 2 : " + response);
response = client.sendReceive(getPayload("Hello world3"));
System.out.println("Response 3 : " + response);
[2] for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
String id = pwcb.getIdentifer();
if("client".equals(id)) {
pwcb.setPassword("apache");
} else if("service".equals(id)) {
pwcb.setPassword("apache");
}
}
