Hi
I am trying to "decorate" an outgoing web service call with a SAML token for
authentication. Therefore I have written a SamlCallbackHandler. It is for sure
not yet complete, but I am already failing to configure it onto my CXF client
which is a Dispatch client.
I have found that I need to configure the key
SecurityConstants.SAML_CALLBACK_HANDLER with my SamlCallbackHandler instance.
I also found JAX-B based examples who configure the handler on the web service
port type:
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
But my dispatch client has no port type class. It looks like this (simplified
names):
@Bean
public Dispatch<Source> myClient(final SamlCallbackHandler
samlCallbackHandler) {
QName serviceName = new QName("namespace", "service");
QName portName = new QName("namespace ", "port");
Service service = Service.create(serviceName);
service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, "address");
Dispatch<Source> dispatch = service.createDispatch(portName,
Source.class, Service.Mode.PAYLOAD);
Client client =
((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient();
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
return dispatch;
}
On this client I tried to configure my SamlCallbackHandler like this:
1. client.getRequestContext().put(SecurityConstants.SAML_CALLBACK_HANDLER,
samlCallbackHandler);
2. client.getEndpoint().put(SecurityConstants.SAML_CALLBACK_HANDLER,
samlCallbackHandler);
Unfortunately none of them works, the handle method of the handler is never
called and therefore the outgoing request has no token.
How can I configure the SamlCallbackHandler on a Dispatch client? I did not
found an example in the CXF project.
Thanks
Stephan
