Re: how to select ws-security.username.sct *and* password from callback?

Wed, 26 Apr 2017 03:33:13 -0700 

Probably the simplest way is just to remove your username configuration
from the STS client in spring and specify it in code via e.g.:

((BindingProvider)port).getRequestContext().put("security.username",
"alice");

Colm.

On Mon, Apr 24, 2017 at 2:46 PM, Markus Schulz <[email protected]> wrote:

> Hello,
>
> I need a jaxws-Client with a "SecureConversationToken" policy
> (configured in the wsdl).
> I've configued the client like: (cxf.xml)
>
> <jaxws:client name="{http://www.bipro.net/namespace}LebenVertragService";
> createdFromAPI="true">
>   <jaxws:properties>
>     <entry key="ws-security.sts.client" value-ref="stsClient"/>
>     <!-- properties for the SecureConversationToken bootstrap policy -->
>     <!--<entry key="ws-security.username.sct"
> value="#{systemProperties['sts.login1']}"/>-->
>     <!--<entry key="ws-security.password.sct"
> value="#{systemProperties['sts.password1']}"/>-->
>     <entry key="ws-security.callback-handler.sct" value-
> ref="cxfClientPasswordCallback"/>
>   </jaxws:properties>
> </jaxws:client>
>
> <bean id="stsClient"
> class="org.intentus.esb.afa.soap.CustomSOAPActionSTSClient">
>   <constructor-arg ref="cxf"/>
>   ...
> </bean>
>
> But i need to call the same client twice, with different
> username/password combination for the token service.
> How can i do this?
> In the callback-handler i cannot change the "Identifier" (with
> setIdentifier), only the password can be selected dynamically.
> Additional i need to "reset" the last obtained token before calling with
> other credentials (cached in Endpoint until token is expired).
>
> The client was called from a switchyard reference (not java).
>
> One solution i've thought about: duplicate the port in the wsdl (with
> same porttype) and then i'm forced to duplicate the jaxws:client
> definition too and can use different username/passwords settings.
> But this way i need to duplicate the switchyard (soap) references too,
> which i'm trying to prevent.
>
> Any other suggestions?
>
> regards,
> msc
>
>
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to