Thanks guys. It woked. I used Osvaldo's snippet to get LtpaToken2 and the
above code to put the cookie:
Map<String, List<String>> headers = CastUtils.cast((Map)
message.get(Message.PROTOCOL_HEADERS));
List<String> cookies = new ArrayList<String>();
cookies.add("LtpaToken2=" + getSecurityToken());
headers.put("Cookie", cookies);
Not convinced is the best way to do it but the important thing is that it
does work.
Again, thanks for the help!!
Bernardo.
2011/10/6 Bernardo Corrêa <[email protected]>
> That's OK, Osvaldo. You helped a lot with the lpta2Token and the security
> snippet.
>
> Now what I'm trying is this:
>
> Subject securitySubject = WSSubject.getRunAsSubject();
> message.put(SecurityContext.class,
> createSecurityContext(securitySubject));
>
>
> I'm in an Interceptor and the phase is Phase.PREPARE_SEND. Will this work
> or do I still have to write the actual cookie?
>
> Cheers,
>
> Bernardo.
>
> On Thu, Oct 6, 2011 at 1:52 PM, Osvaldo Pina <[email protected]>wrote:
>
>> Sory! I did it in a Jaxrs scenario! I realy don't know how to use
>> JaxWS clients...
>>
>> Ats,
>> Osvaldo Pina.
>>
>>
>>
>> On Thu, Oct 6, 2011 at 12:09 PM, Sergey Beryozkin <[email protected]>
>> wrote:
>> > Hi
>> > On 06/10/11 16:05, Bernardo Corrêa wrote:
>> >>
>> >> lHi Sergey,
>>
>> >>
>> >> This interceptor would be a client interceptor right? So I would be
>> able
>> >> to
>> >> set the cookie?
>> >>
>> > Yes
>> >
>> >> I think the solution Osvaldo suggested will throw an exception before I
>> >> set
>> >> the cookie, because, isn't cxf gonna try to reach the wsdl before the
>> >> cookie
>> >> is set?
>> >>
>> > No, jaxrs proxies do not deal with WSDL
>> > Cheers, Sergey
>> >
>> >> Thanks
>> >> Bernardo.
>> >>
>> >> BookStore proxy = JAXRSClientFactory.create("http://books";,
>> >> BookStore.class);
>> >> WebClient.client(proxy).cookie(getLtpaToken());
>> >>
>> >> On Thu, Oct 6, 2011 at 11:44 AM, Sergey
>> >> Beryozkin<[email protected]>wrote:
>> >>
>> >>> You can also do the same by registering a custom CXF out interceptor
>> and
>> >>> update Message.PROTOCOL_HEADERS property on the current message
>> >>> So that will work for JAX-WS, there could be a simpler option may
>> be...
>> >>> Cheers, Sergey
>> >>>
>> >>> On 06/10/11 15:17, Bernardo Corręa wrote:
>> >>>
>> >>>> Yeah, that'll work with JAXRS, but I'm actually using JAXWS. I'll
>> give
>> >>>> it
>> >>>> a
>> >>>> try, Change to JAXRS and try to do it.
>> >>>>
>> >>>> Thanks a lot!
>> >>>> Bernardo.
>> >>>>
>> >>>> On Thu, Oct 6, 2011 at 10:57 AM, Osvaldo Pina<[email protected]
>> >**
>> >>>> wrote:
>> >>>>
>> >>>> Hi,
>> >>>>>
>> >>>>> You can do that:
>> >>>>>
>> >>>>> // Create a proxy to a access a jaxrs server
>> >>>>> BookStore proxy =
>> >>>>> JAXRSClientFactory.create("htt**p://books<http://books>
>> >>>>> ",
>> >>>>> BookStore.class);
>> >>>>>
>> >>>>> // add a cookie to a call
>> >>>>> WebClient.client(proxy).**cookie(getLtpaToken());
>> >>>>>
>> >>>>>
>> >>>>> Ats,
>> >>>>> Osvaldo Pina.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> 2011/10/6 Bernardo Corręa<[email protected]>
>> >>>>>
>> >>>>>>
>> >>>>>> Thanks Osvaldo.
>> >>>>>>
>> >>>>>> I think that'll do, but where should I use it in order to CXF send
>> the
>> >>>>>> lpta2token or lptatoken in Websphere 6.1 in the client call?
>> >>>>>>
>> >>>>>> Thanks again.
>> >>>>>>
>> >>>>>> On Thu, Oct 6, 2011 at 10:30 AM, Osvaldo Pina<
>> [email protected]
>> >>>>>> wrote:
>> >>>>>>
>> >>>>>> Hi,
>> >>>>>>>
>> >>>>>>> I'm using websphere 7 and I´m using the following code to
>> generate a
>> >>>>>>> LtpaToken2 inside the container:
>> >>>>>>>
>> >>>>>>> private String getSecurityToken() {
>> >>>>>>> byte[] token = null;
>> >>>>>>> try {
>> >>>>>>> // Get current security subject
>> >>>>>>> Subject securitySubject = WSSubject.getRunAsSubject();
>> >>>>>>> if (securitySubject != null) {
>> >>>>>>> // Get all security credentials from the security
>> >>>>>>>
>> >>>>>> subject
>> >>>>>
>> >>>>>> Set<WSCredential> securityCredentials =
>> >>>>>>>
>> >>>>>>> securitySubject.**getPublicCredentials(**WSCredential.class);
>> >>>>>>>
>> >>>>>>> // Get the first credential
>> >>>>>>> WSCredential securityCredential =
>> >>>>>>> securityCredentials.iterator()**.next();
>> >>>>>>> String user =
>> securityCredential.**getSecurityName();
>> >>>>>>> if (user.equalsIgnoreCase("**UNAUTHENTICATED")) {
>> >>>>>>> return null;
>> >>>>>>> }
>> >>>>>>> token = securityCredential.**getCredentialToken();
>> >>>>>>> if (token == null) {
>> >>>>>>> return null;
>> >>>>>>> }
>> >>>>>>> return Base64.encodeBytes(token);
>> >>>>>>> }
>> >>>>>>> } catch (Exception e) {
>> >>>>>>> //TODO Logar erro adequadamente;
>> >>>>>>> e.printStackTrace();
>> >>>>>>> }
>> >>>>>>> return null;
>> >>>>>>> }
>> >>>>>>>
>> >>>>>>> and then I send a ltpaToken2 in the client call by adding a
>> cookie:
>> >>>>>>> client.cookie(new Cookie("LtpaToken2", ltpaToken));
>> >>>>>>>
>> >>>>>>> I'm do't know to much about websphere administration
>> configuration,
>> >>>>>>> so
>> >>>>>>>
>> >>>>>> I
>> >>>>>
>> >>>>>> don´t know if it will work on your environment.
>> >>>>>>>
>> >>>>>>> Ats,
>> >>>>>>> Osvaldo Pina.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> 2011/10/6 Bernardo Corręa<[email protected]>
>> >>>>>>>
>> >>>>>>> Hi, I'm facing a problem and could not find a way to solve it, so
>> >>>>>>> I'm
>> >>>>>>>>
>> >>>>>>> gonna
>> >>>>>>>
>> >>>>>>>> try to get help from you guys.
>> >>>>>>>>
>> >>>>>>>> I have 2 apps deployed on Webpshere Server (same server, same
>> cell)
>> >>>>>>>>
>> >>>>>>> with
>> >>>>>
>> >>>>>> app
>> >>>>>>>>
>> >>>>>>>> security enabled (JAAS / LPTA), one that exposes a webservice
>> and
>> >>>>>>>>
>> >>>>>>> one
>> >>>>>
>> >>>>>> that
>> >>>>>>>
>> >>>>>>>> will get the data from it.
>> >>>>>>>>
>> >>>>>>>> The problem is I can't get CXF to use the LPTA token from the
>> >>>>>>>>
>> >>>>>>> cointeiner
>> >>>>>
>> >>>>>> when creating the http call to the endpoint. Does anyone know how I
>> >>>>>>>>
>> >>>>>>> could
>> >>>>>
>> >>>>>> solve this?
>> >>>>>>>>
>> >>>>>>>> Just to remember, is the same server and I'm using a Federated
>> >>>>>>>>
>> >>>>>>> repository
>> >>>>>
>> >>>>>> to
>> >>>>>>>>
>> >>>>>>>> manage users and groups, it's not even a problem of
>> authentication
>> >>>>>>>>
>> >>>>>>> between
>> >>>>>>>
>> >>>>>>>> two server.
>> >>>>>>>>
>> >>>>>>>> I get HTTP 401.
>> >>>>>>>>
>> >>>>>>>> Thanks in advance
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>
>> >>>>>
>> >>>>
>> >>>
>> >>
>> >
>> >
>>
>
>
