I have a situation where I need to be able to take a SOAPMessage and validate
it using *either* username/password or a certificate. However, I have
having trouble stepping my code up to CXF 2.7.5 running in Karaf after
previously running a pretty old version of Servicemix.
What I did to make this work before was to create my own interceptor that
extends WSS4JInInterceptor and passed into my interceptor an
ACTION=UsernameToken and ACTION=Signature interceptor. Then, in my
handleMessage() I start by passing the SoapMessage to the UsernameToken
interceptor. If it throws an exception, I pass the SoapMessage to the
Signature interceptor. I remember having trouble getting this working
originally, and to fix it I did a shallow soapMessage.clone(). However,
this is no longer working with CXF 2.7.5.... If I first pass the SoapMessage
to the UsernameToken interceptor, and then pass it to the Signature
interceptor, I get an exception:
org.apache.cxf.staxutils.DepthExceededStaxException: reach the
innerElementCountThreshold:50000
I'm pretty sure the correct way to do this is NOT to pass the same
SoapMessage to multiple interceptors (since they modify the message),
however I don't know how to accomplish this otherwise. I understand WSS4J
1.6 now has the concept of Validators, which I'm using for my UsernameToken
validation (against an LDAP directory), but I don't know how to accomplish a
2-way "choice" validation of my security header. Can anyone point me in the
right direction? If it would help I can post some code samples.
Thank you!!
Joseph
--
View this message in context:
http://cxf.547215.n5.nabble.com/2-possible-validators-interceptors-tp5731252.html
Sent from the cxf-user mailing list archive at Nabble.com.
