Re: Configure SamlCallbackHandler for Dispatch client

Tue, 18 Sep 2018 03:31:35 -0700 

The SecurityConstants configuration tags only apply to WS-SecurityPolicy
configuration, and not when you are using the WSS4JOutInterceptor. Instead
you can use "ConfigurationConstants.SAML_CALLBACK_CLASS".

Colm.

On Tue, Sep 18, 2018 at 10:38 AM Burkard Stephan <stephan.burk...@visana.ch>
wrote:

> Thanks Colm
>
> I just found an example with a WSS4JOutInterceptor and my
> SamlCallbackHandler gets called now.
>
> What I noticed: On the WSS4JOutInterceptor I have to use
> ConfigurationConstants.SAML_CALLBACK_REF. When I use
> SecurityConstants.SAML_CALLBACK_HANDLER instead, I get an error saying that
> no SAML callback handler is defined.
>
>     @Bean
>     public WSS4JOutInterceptor wss4JOutInterceptor(final
> SamlCallbackHandler samlCallbackHandler) {
>         Map<String, Object> properties = new HashMap<>();
>         properties.put(ConfigurationConstants.ACTION,
> ConfigurationConstants.SAML_TOKEN_SIGNED);
>         properties.put(ConfigurationConstants.SAML_CALLBACK_REF,
> samlCallbackHandler);
>         return new WSS4JOutInterceptor(properties);
>     }
>
>     @Bean
>     public Dispatch<Source> myClient (final WSS4JOutInterceptor
> wss4JOutInterceptor) {
>         QName serviceName = new QName("namespace", "service");
>         QName portName = new QName("namespace ", "port");
>         Service service = Service.create(serviceName);
>         service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING,
> "address");
>         Dispatch<Source> dispatch = service.createDispatch(portName,
> Source.class, Service.Mode.PAYLOAD);
>         Client client =
> ((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient();
>         client.getInInterceptors().add(new LoggingInInterceptor());
>         client.getOutInterceptors().add(new LoggingOutInterceptor());
>         client.getOutInterceptors().add(wss4JOutInterceptor);
>         return dispatch;
>     }
>
> Stephan
>
>
> -----Ursprüngliche Nachricht-----
> Von: Colm O hEigeartaigh <cohei...@apache.org>
> Gesendet: Dienstag, 18. September 2018 11:21
> An: users@cxf.apache.org
> Betreff: Re: Configure SamlCallbackHandler for Dispatch client
>
> Putting it on the client request context should work. The question is
> though, how are you configuring that a SAML token is required? Setting the
> SAML CallbackHandler is not enough - either you need to have a SamlToken
> policy assertion in the WSDL (or in a local policy file) or else you need
> to set up the WSS4JOutInterceptor to configure it to include a SAML token.
>
> Colm.
>
> On Mon, Sep 17, 2018 at 4:19 PM Burkard Stephan <stephan.burk...@visana.ch
> >
> wrote:
>
> > Hi
> >
> > I am trying to "decorate" an outgoing web service call with a SAML
> > token for authentication. Therefore I have written a
> > SamlCallbackHandler. It is for sure not yet complete, but I am already
> > failing to configure it onto my CXF client which is a Dispatch client.
> >
> > I have found that I need to configure the key
> > SecurityConstants.SAML_CALLBACK_HANDLER with my SamlCallbackHandler
> > instance.
> >
> > I also found JAX-B based examples who configure the handler on the web
> > service port type:
> >     ((BindingProvider)saml2Port).getRequestContext().put(
> >     "ws-security.saml-callback-handler", new SamlCallbackHandler()
> >     );
> >
> > But my dispatch client has no port type class. It looks like this
> > (simplified names):
> >
> >     @Bean
> >     public Dispatch<Source> myClient(final SamlCallbackHandler
> > samlCallbackHandler) {
> >         QName serviceName = new QName("namespace", "service");
> >         QName portName = new QName("namespace ", "port");
> >         Service service = Service.create(serviceName);
> >         service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING,
> > "address");
> >         Dispatch<Source> dispatch = service.createDispatch(portName,
> > Source.class, Service.Mode.PAYLOAD);
> >         Client client =
> > ((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient();
> >         client.getInInterceptors().add(new LoggingInInterceptor());
> >         client.getOutInterceptors().add(new LoggingOutInterceptor());
> >         return dispatch;
> >     }
> >
> > On this client I tried to configure my SamlCallbackHandler like this:
> >
> >     1.
> > client.getRequestContext().put(SecurityConstants.SAML_CALLBACK_HANDLER
> > ,
> > samlCallbackHandler);
> >     2.
> > client.getEndpoint().put(SecurityConstants.SAML_CALLBACK_HANDLER,
> > samlCallbackHandler);
> >
> > Unfortunately none of them works, the handle method of the handler is
> > never called and therefore the outgoing request has no token.
> >
> > How can I configure the SamlCallbackHandler on a Dispatch client? I
> > did not found an example in the CXF project.
> >
> > Thanks
> > Stephan
> >
> >
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to