Well, once again, thanks a lot!
I'll continue to use the Interceptors, since the code is working, but
the context thing was exactly what I was lookin for.
On Fri, May 2, 2008 at 9:46 PM, Daniel Kulp <[EMAIL PROTECTED]> wrote:
>
>
> Note: this is probably not thread safe. Interceptors are "shared" by all
> invokations on the endpoint. Thus, the interceptor needs to make sure it
> doesn't maintain state (like the Principal object) in an instance variable
> that might be wiped out by an invokation being processed on another thread.
>
> To answer your other question...
> Assuming JAX-WS on server side, in your service implementation, add:
> @Resource
> WebServiceContext context;
> as an instance field. The runtime will inject a WebServiceContext instance
> in there. After that, in your interceptor, do something like:
> message.put("USER_NAME", principal.getName());
>
> Then, in your impl, do:
>
> String user = (String)context.getMessageContext().get("USER_NAME");
>
> You might even be able to do what you need without any interceptor. The
> WebServiceContext basically wrappers the message. Thus, you may be able to
> just do:
> context.getMessageContext().get(WSHandlerConstants.RECV_RESULTS)
> in your service impl to get the Vector there.
>
> Dan
>
>
>
>
>
> marcelo melo-2 wrote:
> >
> > Actually I was able to retrive the certificate via an Interceptor, on
> > the handleMessage of the Interceptorm here's what I did:
> >
> > Vector result = (Vector)
> > message.getContextualProperty(WSHandlerConstants.RECV_RESULTS);
> > for (int i = 0; i < result.size(); i++) {
> > WSHandlerResult res = (WSHandlerResult) result.get(i);
> > for (int j = 0; j < res.getResults().size(); j++) {
> > WSSecurityEngineResult secRes = (WSSecurityEngineResult)
> > res.getResults().get(j);
> >
> > X500Name principal = (X500Name) secRes.get("principal");
> > if(principal != null) {
> > this.setUser(principal.getName());
> > break;
> > }
> > }
> >
> > This gives me the pricipal stored on the certificate, which is enough
> > for me. I did not try you method 'cause I was not sure where I would
> > put the code, but thanks anyway
>
>
> >
> >
> > On Thu, May 1, 2008 at 5:33 AM, O hEigeartaigh, Colm
> > <[EMAIL PROTECTED]> wrote:
> >>
> >> The WSS4JInInterceptor attaches the X509 certificate that was used for
> >> signature to the message with:
> >>
> >> WSSecurityEngineResult actionResult =
> >> WSSecurityUtil.fetchActionResult(wsResult, WSConstants.SIGN);
> >> msg.put(SIGNATURE_RESULT, actionResult);
> >>
> >> You can access this downstream by doing something like:
> >>
> >> WSSecurityEngineResult result =
> >> (WSSecurityEngineResult)
> >> inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
> >>
> >> X509Certificate certificate =
> >> (X509Certificate)result
> >> .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
> >>
> >> You can manipulate this X509Certificate object to get what you want I
> >> think.
> >>
> >> Colm.
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: marcelo melo [mailto:[EMAIL PROTECTED]
> >> Sent: 01 May 2008 01:40
> >> To: [email protected]
> >> Subject: Retrieve the user using WS-Security and Signature
> >>
> >> Hi all,
> >>
> >> I am developing a service using signatures only, with no user-password
> >> authentication. However, when developing a Client, I am forced to set
> >> a user in order to invoke the service. Is there a way of retrieving
> >> the user on the server side (for auditing purposes)?
> >> I tried to use a password callback handler, which succesfully
> >> retrieved me the user, but required me to correctly inform a password,
> >> which I don't (at least won't if the key is not generated by me) know.
> >> Also, if someone could give me an insight of how, if possible, to use
> >> this user on my service class, I would be very grateful.
> >>
> >> Thanks
> >>
> >> ----------------------------
> >> IONA Technologies PLC (registered in Ireland)
> >> Registered Number: 171387
> >> Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
> >> Ireland
> >>
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Retrieve-the-user-using-WS-Security-and-Signature-tp16994689p17030305.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>
