The SecurityConstants configuration tags only apply to WS-SecurityPolicy configuration, and not when you are using the WSS4JOutInterceptor. Instead you can use "ConfigurationConstants.SAML_CALLBACK_CLASS".
Colm. On Tue, Sep 18, 2018 at 10:38 AM Burkard Stephan <stephan.burk...@visana.ch> wrote: > Thanks Colm > > I just found an example with a WSS4JOutInterceptor and my > SamlCallbackHandler gets called now. > > What I noticed: On the WSS4JOutInterceptor I have to use > ConfigurationConstants.SAML_CALLBACK_REF. When I use > SecurityConstants.SAML_CALLBACK_HANDLER instead, I get an error saying that > no SAML callback handler is defined. > > @Bean > public WSS4JOutInterceptor wss4JOutInterceptor(final > SamlCallbackHandler samlCallbackHandler) { > Map<String, Object> properties = new HashMap<>(); > properties.put(ConfigurationConstants.ACTION, > ConfigurationConstants.SAML_TOKEN_SIGNED); > properties.put(ConfigurationConstants.SAML_CALLBACK_REF, > samlCallbackHandler); > return new WSS4JOutInterceptor(properties); > } > > @Bean > public Dispatch<Source> myClient (final WSS4JOutInterceptor > wss4JOutInterceptor) { > QName serviceName = new QName("namespace", "service"); > QName portName = new QName("namespace ", "port"); > Service service = Service.create(serviceName); > service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, > "address"); > Dispatch<Source> dispatch = service.createDispatch(portName, > Source.class, Service.Mode.PAYLOAD); > Client client = > ((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient(); > client.getInInterceptors().add(new LoggingInInterceptor()); > client.getOutInterceptors().add(new LoggingOutInterceptor()); > client.getOutInterceptors().add(wss4JOutInterceptor); > return dispatch; > } > > Stephan > > > -----Ursprüngliche Nachricht----- > Von: Colm O hEigeartaigh <cohei...@apache.org> > Gesendet: Dienstag, 18. September 2018 11:21 > An: users@cxf.apache.org > Betreff: Re: Configure SamlCallbackHandler for Dispatch client > > Putting it on the client request context should work. The question is > though, how are you configuring that a SAML token is required? Setting the > SAML CallbackHandler is not enough - either you need to have a SamlToken > policy assertion in the WSDL (or in a local policy file) or else you need > to set up the WSS4JOutInterceptor to configure it to include a SAML token. > > Colm. > > On Mon, Sep 17, 2018 at 4:19 PM Burkard Stephan <stephan.burk...@visana.ch > > > wrote: > > > Hi > > > > I am trying to "decorate" an outgoing web service call with a SAML > > token for authentication. Therefore I have written a > > SamlCallbackHandler. It is for sure not yet complete, but I am already > > failing to configure it onto my CXF client which is a Dispatch client. > > > > I have found that I need to configure the key > > SecurityConstants.SAML_CALLBACK_HANDLER with my SamlCallbackHandler > > instance. > > > > I also found JAX-B based examples who configure the handler on the web > > service port type: > > ((BindingProvider)saml2Port).getRequestContext().put( > > "ws-security.saml-callback-handler", new SamlCallbackHandler() > > ); > > > > But my dispatch client has no port type class. It looks like this > > (simplified names): > > > > @Bean > > public Dispatch<Source> myClient(final SamlCallbackHandler > > samlCallbackHandler) { > > QName serviceName = new QName("namespace", "service"); > > QName portName = new QName("namespace ", "port"); > > Service service = Service.create(serviceName); > > service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, > > "address"); > > Dispatch<Source> dispatch = service.createDispatch(portName, > > Source.class, Service.Mode.PAYLOAD); > > Client client = > > ((org.apache.cxf.jaxws.DispatchImpl)dispatch).getClient(); > > client.getInInterceptors().add(new LoggingInInterceptor()); > > client.getOutInterceptors().add(new LoggingOutInterceptor()); > > return dispatch; > > } > > > > On this client I tried to configure my SamlCallbackHandler like this: > > > > 1. > > client.getRequestContext().put(SecurityConstants.SAML_CALLBACK_HANDLER > > , > > samlCallbackHandler); > > 2. > > client.getEndpoint().put(SecurityConstants.SAML_CALLBACK_HANDLER, > > samlCallbackHandler); > > > > Unfortunately none of them works, the handle method of the handler is > > never called and therefore the outgoing request has no token. > > > > How can I configure the SamlCallbackHandler on a Dispatch client? I > > did not found an example in the CXF project. > > > > Thanks > > Stephan > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com