Hi On 02/04/12 21:26, semecxf wrote:
I have ws-policy for user to submit user name and password to access my service, however in Password call back handler I don't have access to original password from client. I found this http://blog.jeshurun.ca/technology/jax-ws-web-services-with-spring-and-cxf tutorial and follow, but it is not working for me may be because I am using ws-policy.Any idea how to incorporate ws-policy usertoken with custome authentication. I have tried the following config for my service, but my custom validator was not called. <jaxws:endpoint id="testws" implementor="ws.TestServiceWS" wsdlLocation="wsdl/testws.wsdl" address="/testservicews"> <jaxws:properties> <entry key="ws-security.validate.token" value="false" /> <entry key="ws-security.ut.no-callbacks" value="true" /> <entry key="ws-security.ut.validator" value="authentication.ws.UTValidator" /> </jaxws:properties> </jaxws:endpoint>
The 1st and the last can not be used with each other, the 2nd is the old variant of the 1st one and not checked by 2.5.x. If you need to do the custom authentication then check Colm's blog, using the validator alone should do, however I'm not sure it works with ws-policy, another option then is to extend WSS4JInterceptor, example:
http://svn.apache.org/repos/asf/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec10/server/CustomUsernameTokenInterceptor.java or may be http://svn.apache.org/repos/asf/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleSubjectCreatingInterceptor.java Sergey
Can someone helps how to use custom authentication with ws-policy? -- View this message in context: http://cxf.547215.n5.nabble.com/CXF-2-5-2-Custom-UserToken-Validator-Authentication-tp5613268p5613268.html Sent from the cxf-user mailing list archive at Nabble.com.
-- Sergey Beryozkin Talend Community Coders http://coders.talend.com/ Blog: http://sberyozkin.blogspot.com
