Re: Dynamic username when using WSS signature in a HTTP provider endpoint

Thu, 30 Aug 2007 15:38:50 -0700 

On 8/30/07, André Szdzuy <[EMAIL PROTECTED]> wrote:
>
> Hi,
> I have configured a provider endpoint for servicemix-http using an xbean.xml
> like in the Outbound Signature example in the docs.
> Now I don't want to give the username for the signature hard-coded in the
> xbean.xml as in the example but dynamically at runtime.
> How can I do that?
>
> I have seen that method onSend() in class
> org.apache.servicemix.soap.handlers.security.WSSecurityHandler tries to get
> the username from the properties map and the message context before it takes
> the value from the xbean.xml.
> How can I achieve that there is a "user" value in the properties or message
> context? I already tried to set a "user" property in the Exchange object and
> a securitySubject in the NormalizedMessage which I send to servicemix-http -
> no difference...
>
> Any ideas?

I always recommend that people use the Spring
PropertyPlaceHolderConfigurer to read in a properties file or some
system properties where the password is located. Then use property
dereferencing to set the password in the xbean.xml configuration file.
Below is an example of this:

<!-- Read in the properties file containing properties with the passwords -->
<bean id="propertyConfigurer"
  
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
  <property name="location" value="classpath:foo.properties" />
</bean>

<!-- Use property dreferencing to apply the passwords. See the
$myKeyStorePasword and $myKeyPasword below. -->
<http:endpoint service="my:inputSender"
               endpoint="endpoint"
               role="provider"
               soap="true"
               locationURI="http://localhost:8192/service/";>
      <http:policies>
       <soap:ws-security sendAction="Signature" username="smx">
        <soap:crypto>
         <bean 
class="org.apache.servicemix.soap.handlers.security.StandaloneCrypto">
          <property name="keyStoreUrl" value="classpath:keystore.jks" />
          <property name="keyStorePassword" value="${myKeyStorePasword}" />
          <property name="keyPassword" value="${myKeyPassword}"/>
        </bean>
      </soap:crypto>
    </soap:ws-security>
  </http:policies>
</http:endpoint>

HTH

Bruce
-- 
perl -e 'print unpack("u30","D0G)[EMAIL 
PROTECTED]&5R\"F)R=6-E+G-N>61E<D\!G;6%I;\"YC;VT*"
);'

Apache ActiveMQ - http://activemq.org/
Apache ServiceMix - http://servicemix.org/
Apache Geronimo - http://geronimo.apache.org/
Castor - http://castor.org/

Reply via email to