Thanks Colm I just found an example with a WSS4JOutInterceptor and my SamlCallbackHandler gets called now.
What I noticed: On the WSS4JOutInterceptor I have to use ConfigurationConstants.SAML_CALLBACK_REF. When I use SecurityConstants.SAML_CALLBACK_HANDLER instead, I get an error saying that no SAML callback handler is defined. @Bean public WSS4JOutInterceptor wss4JOutInterceptor(final SamlCallbackHandler samlCallbackHandler) { Map<String, Object> properties = new HashMap<>(); properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED); properties.put(ConfigurationConstants.SAML_CALLBACK_REF, samlCallbackHandler); return new WSS4JOutInterceptor(properties); } @Bean public Dispatch<Source> myClient (final WSS4JOutInterceptor wss4JOutInterceptor) { QName serviceName = new QName("namespace", "service"); QName portName = new QName("namespace ", "port"); Service service = Service.create(serviceName); service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, "address"); Dispatch<Source> dispatch = service.createDispatch(portName, Source.class, Service.Mode.PAYLOAD); Client client = ((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient(); client.getInInterceptors().add(new LoggingInInterceptor()); client.getOutInterceptors().add(new LoggingOutInterceptor()); client.getOutInterceptors().add(wss4JOutInterceptor); return dispatch; } Stephan -----Ursprüngliche Nachricht----- Von: Colm O hEigeartaigh <cohei...@apache.org> Gesendet: Dienstag, 18. September 2018 11:21 An: users@cxf.apache.org Betreff: Re: Configure SamlCallbackHandler for Dispatch client Putting it on the client request context should work. The question is though, how are you configuring that a SAML token is required? Setting the SAML CallbackHandler is not enough - either you need to have a SamlToken policy assertion in the WSDL (or in a local policy file) or else you need to set up the WSS4JOutInterceptor to configure it to include a SAML token. Colm. On Mon, Sep 17, 2018 at 4:19 PM Burkard Stephan <stephan.burk...@visana.ch> wrote: > Hi > > I am trying to "decorate" an outgoing web service call with a SAML > token for authentication. Therefore I have written a > SamlCallbackHandler. It is for sure not yet complete, but I am already > failing to configure it onto my CXF client which is a Dispatch client. > > I have found that I need to configure the key > SecurityConstants.SAML_CALLBACK_HANDLER with my SamlCallbackHandler > instance. > > I also found JAX-B based examples who configure the handler on the web > service port type: > ((BindingProvider)saml2Port).getRequestContext().put( > "ws-security.saml-callback-handler", new SamlCallbackHandler() > ); > > But my dispatch client has no port type class. It looks like this > (simplified names): > > @Bean > public Dispatch<Source> myClient(final SamlCallbackHandler > samlCallbackHandler) { > QName serviceName = new QName("namespace", "service"); > QName portName = new QName("namespace ", "port"); > Service service = Service.create(serviceName); > service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, > "address"); > Dispatch<Source> dispatch = service.createDispatch(portName, > Source.class, Service.Mode.PAYLOAD); > Client client = > ((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient(); > client.getInInterceptors().add(new LoggingInInterceptor()); > client.getOutInterceptors().add(new LoggingOutInterceptor()); > return dispatch; > } > > On this client I tried to configure my SamlCallbackHandler like this: > > 1. > client.getRequestContext().put(SecurityConstants.SAML_CALLBACK_HANDLER > , > samlCallbackHandler); > 2. > client.getEndpoint().put(SecurityConstants.SAML_CALLBACK_HANDLER, > samlCallbackHandler); > > Unfortunately none of them works, the handle method of the handler is > never called and therefore the outgoing request has no token. > > How can I configure the SamlCallbackHandler on a Dispatch client? I > did not found an example in the CXF project. > > Thanks > Stephan > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com