Dynamic username & password in UsernameToken profile

Sat, 24 Aug 2013 07:58:13 -0700 

Hi all,
I got the ws-policy for UsernameToken with X509Token asymmetric binding from http://pic.dhe.ibm.com/infocenter/radhelp/v9/index.jsp?topic=%2Fcom.ibm.websphere.wlp.nd.multiplatform.doc%2Fae%2Fcwlp_wssec_templates_scenario4.html working using the sample code for http://www.jroller.com/gmazza/entry/cxf_x509_profile with minor modifications. 

Basically, after modifying wsdl, I need to:


1. added the 2 new lines in cxf.xml of client code below to specify 
username & password in UsernameToken profile



    <jaxws:client 
name="{http://www.example.org/contract/DoubleIt}DoubleItPort"; 
createdFromAPI="true">

        <jaxws:properties>

            <!-- added for UsernameToken -->
            <entry key="ws-security.username" value="joe" />
            <entry key="ws-security.password" value="joepassword" />
            ...
        </jaxws:properties>


    The client side also has an existing simple callback handler for 
keystore as



        public class ClientKeystorePasswordCallback implements 
CallbackHandler {


                private Map<String, String> passwords =
                new HashMap<String, String>();

                public ClientKeystorePasswordCallback() {
                passwords.put("myclientkey", "ckpass");
                }


                public void handle(Callback[] callbacks) throws 
IOException, UnsupportedCallbackException {

                for (int i = 0; i < callbacks.length; i++) {

                    WSPasswordCallback pc = 
(WSPasswordCallback)callbacks[i];


                    String pass = passwords.get(pc.getIdentifier());
                    if (pass != null) {
                    pc.setPassword(pass);
                    return;
                    }
                }
                }
        }



2. modify callback handler in Server side to add entry for username & 
password hard coded above, i.e.




    public class ServiceKeystorePasswordCallback implements 
CallbackHandler {


            private Map<String, String> passwords =
            new HashMap<String, String>();

            public ServiceKeystorePasswordCallback() {
            passwords.put("myservicekey", "skpass");

            passwords.put("joe", "joepassword");
            }


            public void handle(Callback[] callbacks) throws 
IOException, UnsupportedCallbackException {

            for (int i = 0; i < callbacks.length; i++) {
                WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];

                String pass = passwords.get(pc.getIdentifier());
                if (pass != null) {
                pc.setPassword(pass);
                return;
                }
            }
            }
        }


Now my question is if I want to change the username & password of step 1 
above programatically at runtime rather than hard coding it in xml,

what's the best practice to go about this?


Create another callback handler like ClientKeystorePasswordCallback is 
what I can think of.


Thanks,
Sam






















					Reply via email to