I think an interceptor like you proposed might be the best solution long
term as it allows to keep the auth stuff out of the business code.
Christian
Am 19.07.2012 17:31, schrieb Sergey Beryozkin:
Hi Christian
On 19/07/12 06:53, Christian Schneider wrote:
I donĀ“t think a static gssCredential in the spring config can help. The
credentials may be different on each call.
I thought Spring would be able to offer some per-request wrapper :-)
Instead I think we need to set the property on the client just before
the call. This is how it would look in the wsdl_first example:
org.apache.cxf.endpoint.Client client =
org.apache.cxf.frontend.ClientProxy.getClient(customerService);
client.setThreadLocalRequestContext(true);
Map<String, Object> reqContext = client.getRequestContext();
reqContext.put("org.ietf.jgss.GSSCredential", gssCredentials);
customers = customerService.getCustomersByName("Smith");
Not sure if this works but it should be worth a try.
Yeah, that is possible too - another option is to get a GSSCredential
retrieved from within a custom out interceptor (itself registered from
Spring) and then set it on a current message. I guess much depends on
the way the credential can be actually obtained from the original
SecurityContext which Tomcat and/or Spring Sec create, lets see what
solution Josef will find :-).
Cheers, Sergey
--
Christian Schneider
http://www.liquid-reality.de
Open Source Architect
Talend Application Integration Division http://www.talend.com
