Dan It's really good idea to extends WSS4InInterceptor - in this way it's
possible to set context, but I still have some problem. I've got
ClassCastException in this line:
for (WSSecurityEngineResult o : recv)
I try to find some solution but documentation is realy poor (or I missed
it). Maybe You can help me one more time.
Regards
dkulp wrote:
>
>
> I just committed some code that will make this much easier in cxf
> 2.1.2/2.0.8, but that isn't going to help you right now.
>
> A couple of options...
>
> 1) Use a subclass of WSS4JInInterceptor (this would be my preferred
> approach as it mimics what I just committed). Basically, override the
> handleMessage call to do:
> public void handleMessage(SoapMessage msg) throws Fault {
> super.handleMessage(msg);
> List< WSSecurityEngineResult > recv =
> (List)msg.get("RECV_RESULTS");
> for (WSSecurityEngineResult o : recv) {
> final Principal p =
> (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
> if (p != null) {
> SecurityContext c = new SecurityContext() {
> public Principal getUserPrincipal() {
> return p;
> }
> public boolean isUserInRole(String role) {
> return false;
> }
> };
> msg.put(SecurityContext.class, c);
> break;
> }
> }
> }
>
> In your Impl, you then would just do:
>
> @Resource
> WebServiceContext ctx;
> .....
> Principal p = ctx.getUserPrincipal();
> and query whatever you need from that. (it would probably be a
> WSUsernameTokenPrincipal which has the password and other things
> stored in it, but if you use x509 certs, it would be a
> X509Principal) Once 2.1.2/2.0.8 comes out, you could remove the
> WSS4JInInterceptor subclass and the code would still work.
>
> 2) In you impl, you could do:
>
> @Resource
> WebServiceContext ctx;
> .....
> MessageContext ctx = (MessageContext) wsContext.getMessageContext();
> List recv = (List)ctx.get("RECV_RESULTS");
> WSHandlerResult wsResult = (WSHandlerResult)recv.get(0);
> WSSecurityEngineResult wsseResult =
> (WSSecurityEngineResult)wsResult.getResults().get(0);
> Principal principal =
> (Principal)wsseResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
>
>
> 3) Like (1), you could subclass WSS4JInInterceptor and copy stuff out
> of it and call "msg.put(key, value)" for anything you want. Then
> query them from the WebServiceContext.
>
>
> Dan
>
>
>
>
>
>
>
>
>
>
>
>
>
> On Jul 2, 2008, at 6:43 AM, Selena85 wrote:
>
>>
>> Dan I spend a lot of time trying to do it, but I still cannot achieve
>> success. Maybe You can show me some code snipet.
>> Regards
>>
>> dkulp wrote:
>>>
>>>
>>> On Jun 30, 2008, at 5:04 AM, Selena85 wrote:
>>>
>>>>
>>>> Hello I'm newbie in CXF and Spring. My task is to prepear user
>>>> authenthication and to log user activities. Now I've got user
>>>> authenthication using WSS4JInInterceptor and callback - and it's
>>>> work fine.
>>>> My problem is, how to pass authentication data (username) to the
>>>> endpoint
>>>> implementor class (translatorServiceImpl). Is there any way to do
>>>> this using
>>>> Spring (set a property in class translatorServiceImpl)?
>>>
>>> No, because there is a single instance of the Impl created and is
>>> used
>>> during all invocations. The way this is done is to add:
>>>
>>> @Resource
>>> WebServiceContext ctx;
>>>
>>> To your Impl and the context should get injected. From the context
>>> (which is thread local), you can query any items that are stored in
>>> the Message object in your interceptor.
>>>
>>> Dan
>>>
>>>
>>>
>>>>
>>>> <!-- Service endpoint -->
>>>> <jaxws:endpoint id="translatorService"
>>>> implementor="#translatorServiceImpl" address="/translation">
>>>> <jaxws:serviceFactory>
>>>> <ref bean="jaxws-and-aegis-service-factory" />
>>>> </jaxws:serviceFactory>
>>>> <jaxws:inInterceptors>
>>>> <bean
>>>>
>>>> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>>>> <constructor-arg>
>>>> <map>
>>>> <entry key="action" value="UsernameToken" />
>>>> <entry key="passwordType"
>>>> value="PasswordText" />
>>>> <entry key="passwordCallbackClass"
>>>>
>>>> value="pl.waga.service.ServerAuthorizationCallback" />
>>>> </map>
>>>> </constructor-arg>
>>>> </bean>
>>>> </jaxws:inInterceptors>
>>>> </jaxws:endpoint>
>>>>
>>>> --
>>>> View this message in context:
>>>> http://www.nabble.com/SOAP-Header-tp18191401p18191401.html
>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>
>>>
>>> ---
>>> Daniel Kulp
>>> [EMAIL PROTECTED]
>>> http://www.dankulp.com/blog
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/SOAP-Header-tp18191401p18234718.html
>> Sent from the cxf-user mailing list archive at Nabble.com.
>>
>
> ---
> Daniel Kulp
> [EMAIL PROTECTED]
> http://www.dankulp.com/blog
>
>
>
>
>
>
--
View this message in context:
http://www.nabble.com/SOAP-Header-tp18191401p18268719.html
Sent from the cxf-user mailing list archive at Nabble.com.
