This approach with ThreadLocal var storing thread-specific service QName worked. Made sure my interceptor got invoked during the READ phase which is before the PRE_PROTOCOL phase. Now I can make sure the client is invoking only the service it is authorized to invoke... but this is something, making extra calls adding overheads, IMO, I should not have to do, something the WS-* spec should provide.

On Tue, May 13, 2008 at 3:12 PM, Daniel Kulp <[EMAIL PROTECTED]> wrote:

> On May 13, 2008, at 4:01 PM, Ben Berner wrote:
>
>> Dan, I looked at the javadocs, but can't seem to find any association of
>> Service Endpoint with the Exchange Object.
>
> Just call:
>
> Service service = exchange.get(Service.class);
>
> There's a bunch of things stored on the exchange like that. The Bus is
> there, the Endpoint, the Binding, depending on the phase, the OperationInfo
> would be there, etc...
>
>> Also is there a particular
>> interceptor I need to implement for this?
>
> Easiest to just subclass the AbstractPhaseInterceptor. Not sure on the
> phase. The WSS4JInInterceptor runs in the PRE_PROTOCOL phase, so after
> that most likely.
>
> Dan
>
>> Regards,
>> Ben
>>
>> On Tue, May 13, 2008 at 2:28 PM, Ben Berner <[EMAIL PROTECTED]> wrote:
>>
>>> I thought about injecting the namespace into the handlers.. but that's
>>> a lot of work for me as I am in the process of migrating my services from
>>> XFire to CXF. Now, the second scenario makes me think instead of using
>>> another interceptor on top of Handler, why not just use the simple
>>> interceptor that does the validation...
>>>
>>> On Tue, May 13, 2008 at 2:04 PM, Daniel Kulp <[EMAIL PROTECTED]> wrote:
>>>
>>>> On May 13, 2008, at 1:01 PM, Ben Berner wrote:
>>>>
>>>>> Hello cxf-users,
>>>>>
>>>>> I need to check whether the client invoking a web service is
>>>>> authorized to do so. The database has targetNamespace of the service
>>>>> paired with the username/key. So, need to find the targetNamespace of
>>>>> the WebService at runtime in ServerPasswordCallback Class that
>>>>> implements CallbackHandler (using ws-security). Is this possible via
>>>>> some api or I need to inject something into this callback class?
>>>>> Regards,
>>>>> Ben
>>>>
>>>> Hmmmmm........ interesting problem. I'm not sure what the best way to
>>>> do it is. It could also depend on how you are configuring the ws-sec
>>>> stuff. If you are configuring the ws-sec/handler stuff on the bus, you
>>>> really cannot store any state in it as that instance will be shared by
>>>> all services. You COULD configure it on a per-service basis and just
>>>> inject the target namespace of that service into the handler as a
>>>> constructor arg or property or something. That's quite a bit more
>>>> configuration though.
>>>>
>>>> If you want to keep it configured on a per-bus basis, I would add an
>>>> interceptor in front of the ws-sec in interceptor that grabs the Service
>>>> object from the Exchange, grabs the namespace in there and stores it in
>>>> a public ThreadLocal or something that the Handler would have access to.
>>>>
>>>> ---
>>>> Daniel Kulp
>>>> [EMAIL PROTECTED]
>>>> http://www.dankulp.com/blog
>
> ---
> Daniel Kulp
> [EMAIL PROTECTED]
> http://www.dankulp.com/blog
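
The approach discussed in this thread, written out as an added example (not code from either poster or from the CXF project): a READ-phase interceptor records the service namespace in a ThreadLocal, the password callback refuses any user with no entry for that namespace, and the value is cleared so pooled worker threads never authorize against a previous request's service. The class names and the in-memory credential map are hypothetical, and the `org.apache.ws.security.WSPasswordCallback` import assumes WSS4J 1.6.

```java
import java.io.IOException;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.service.Service;
import org.apache.ws.security.WSPasswordCallback; // assumption: WSS4J 1.6 package

public final class ServiceScopedAuth {
    // Namespace of the service the current worker thread is handling.
    static final ThreadLocal<String> TARGET_NS = new ThreadLocal<>();

    /** Runs in READ, i.e. before WSS4JInInterceptor (PRE_PROTOCOL). */
    public static class Capture extends AbstractPhaseInterceptor<Message> {
        public Capture() { super(Phase.READ); }
        @Override public void handleMessage(Message m) {
            Service s = m.getExchange().get(Service.class);
            if (s == null) TARGET_NS.remove();
            else TARGET_NS.set(s.getName().getNamespaceURI());
        }
        // Invoked when a later interceptor (e.g. WS-Security) fails: drop the value.
        @Override public void handleFault(Message m) { TARGET_NS.remove(); }
    }

    /** Runs after WS-Security so a pooled thread never keeps a stale namespace. */
    public static class Clear extends AbstractPhaseInterceptor<Message> {
        public Clear() { super(Phase.POST_PROTOCOL); }
        @Override public void handleMessage(Message m) { TARGET_NS.remove(); }
    }

    /** Answers only for (namespace, user) pairs on record; fails closed otherwise. */
    public static class ScopedPasswordCallback implements CallbackHandler {
        private final Map<String, Map<String, String>> keysByNs; // hypothetical store: ns -> user -> key
        public ScopedPasswordCallback(Map<String, Map<String, String>> keysByNs) { this.keysByNs = keysByNs; }

        @Override public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
            String ns = TARGET_NS.get();
            if (ns == null) throw new IOException("service namespace not captured; refusing");
            Map<String, String> users = keysByNs.get(ns);
            for (Callback cb : cbs) {
                if (!(cb instanceof WSPasswordCallback)) throw new UnsupportedCallbackException(cb);
                WSPasswordCallback pc = (WSPasswordCallback) cb;
                String key = users == null ? null : users.get(pc.getIdentifier());
                if (key == null) throw new IOException("user not authorized for " + ns);
                pc.setPassword(key); // WSS4J checks the received token against this value
            }
        }
    }
}
```

Both interceptors have to be registered as in-interceptors on the same bus or endpoint as the WSS4JInInterceptor for the callback to see a value.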
