Jakob, Every MessageExchange allows you to add a SecuritySubject, so I guess you could use that to send along the requester of the service to the BC endpoint and then use an Interceptor to build your webservice request from it. We might be able to build this into the CXF-BC endpoints by default, so feel free to raise a JIRA to have that investigated.
Regards, Gert Vanthienen ------------------------ Open Source SOA: http://fusesource.com Blog: http://gertvanthienen.blogspot.com/ 2009/5/21 Jakob Günther <[email protected]>: > Hi, > > I am using servicemix3.2.4-SNAPSHOT. > > I have to access an secured external service. It is secured by ws-security. > > The user calls my cxfse by a cxfbc. I think i can delegate the credentials > from the cxfbc to the cxfse. > http://cwiki.apache.org/SM/discussion-forums.html#nabble-td21973209 > > > But now the cxfse has to call a secured external service. I use cxfse:proxy > for this. This secured external service needs the credentials of the user. > > to set fix user name and password in the bc is no problem. but how can I > pass or use the credentials of the user who initialized all. > > Thanks in advance, > Jakob > > xbean.xml of the cxfse: > > <cxfse:endpoint> > <cxfse:pojo> > <bean class="my.example.ServiceProxy"> > <property name="calculator"> > <cxfse:proxy service="sec:SecuredService" context="#context" > type="my.example.SecuredServicePortType" /> > </property> > </bean> > </cxfse:pojo> > </cxfse:endpoint> > > > The xbean.xml of the cxfbc is: > > <cxfbc:provider service="sec:SecuredService" ... > > <cxfbc:outInterceptors> > <ref bean="saajout"/> > <ref bean="wss4jout"/> > </cxfbc:outInterceptors> > </cxfbc:provider> > > > <bean id="saajout" > class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/> > > <bean id="wss4jout" > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <constructor-arg> > <map> > <entry key="action" value="UsernameToken"/> > <entry key="user" value="joe"/> > <entry key="passwordType" value="PasswordDigest"/> > <entry key="passwordCallbackClass" > value="my.example.auth.TestPwdCallback"/> > </map> > </constructor-arg> > </bean> > > >
