Thanks,
This is working!
for me the cxf-servlet must have:
<jaxws:endpoint
xmlns:tns="xyz"
id="xyz"
implementor="xyz"
wsdlLocation="xyz"
serviceName="xyz">
<jaxws:properties>
<entry key="schema-validation-enabled" value="true" />
<entry key="ws-security.ut.validator">
<bean class="xyz.xyz.MyUsernameTokenValidator"/>
</entry>
</jaxws:properties>
<jaxws:inInterceptors>
<bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action"
value="UsernameToken"/>
<entry key="passwordType"
value="PasswordText"/>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
and my validator is
package xyz.xyz.soap.handler;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.message.token.UsernameToken;
import org.apache.ws.security.validate.UsernameTokenValidator;
public class MyUsernameTokenValidator extends UsernameTokenValidator {
@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken,
RequestData data) throws WSSecurityException {
// my code
}
}
What wasn't mentioned in your link was that inInterceptors element must be
in the cxf-servlet.xml. I figured out that from the link I posted in my
first email in this thread.
But this solution is just what I searched.
BR,
Mika
--
View this message in context:
http://cxf.547215.n5.nabble.com/CXF-and-external-authentication-system-tp5602765p5606480.html
Sent from the cxf-user mailing list archive at Nabble.com.