Hi Gert,
thank you for your reply. I'm glad to here that there seems to be a
simple solution.
But i'm still not successfull.
I added by code an interceptor to my proxy (i did by code because i dont
know a better solution):
xbean.xml is:
....
<cxfse:endpoint>
<cxfse:pojo>
<bean class="my.example.ServiceWithProxy">
<property name="proxyService">
<cxfse:proxy service="sec:SecuredService" context="#context"
type="my.example.SecuredServicePortType" />
</property>
<!-- adding authinterceptor having credentials as a property to add
later by code -->
<property name="authInterceptor">
<ref bean="proxyAuthInterceptor"/>
</property>
</bean>
</cxfse:pojo>
</cxfse:endpoint>
....
here I add my Interceptor in ServiceWithProxy.java:
....
Client client = ClientProxy.getClient(repositoryService);
Endpoint cxfEndpoint = client.getEndpoint();
List<Interceptor> outInterceptors = cxfEndpoint.getOutInterceptors();
outInterceptors.add(authInterceptor);
repositoryService.doService();
....
in my authInterceptor i now try to add the credentials to the exchange:
....
public ProxyAuthSubjectIntercepter() {
super(Phase.MARSHAL);
}
....
public void handleMessage(Message message) throws Fault {
ExchangeImpl exchange = (ExchangeImpl)message.getExchange();
exchange.put(Subject.class, securitySubject);
logger.info(securitySubject); // loggs correct credentials
}
....
Until here everything works fine. But when i now want to access it in
the binding component the securitySubject is lost.
my xbean.xml configuring the interceptor:
....
<cxfbc:provider service="sec:SecuredService" ... >
<cxfbc:outInterceptors>
<ref bean="rabbitAuth"/>
</cxfbc:outInterceptors>
</cxfbc:provider>
<bean id="authOutInterceptor" class="my.example.AuthOutInterceptor"/>
....
and finally my AuthOutInterceptor, where i want to get the securitySubject:
....
public AuthOutInterceptor() {
super(Phase.PRE_LOGICAL);
}
....
public void handleMessage(Message message) throws Fault {
Subject subject = (Subject)message.getContent(Subject.class)
logger.info("Subject is " + subject); //loggs null
}
....
My question how do i get the credentials to AuthOutInterceptor? So that
i can put them into the WSS4JOutInterceptor.
Or is my way to propagate the credentials still the wrong way?
Thanks in advance, Jakob
Gert Vanthienen schrieb:
Jakob,
Every MessageExchange allows you to add a SecuritySubject, so I guess
you could use that to send along the requester of the service to the
BC endpoint and then use an Interceptor to build your webservice
request from it. We might be able to build this into the CXF-BC
endpoints by default, so feel free to raise a JIRA to have that
investigated.
Regards,
Gert Vanthienen
------------------------
Open Source SOA: http://fusesource.com
Blog: http://gertvanthienen.blogspot.com/
2009/5/21 Jakob Günther <[email protected]>:
Hi,
I am using servicemix3.2.4-SNAPSHOT.
I have to access an secured external service. It is secured by ws-security.
The user calls my cxfse by a cxfbc. I think i can delegate the credentials
from the cxfbc to the cxfse.
http://cwiki.apache.org/SM/discussion-forums.html#nabble-td21973209
But now the cxfse has to call a secured external service. I use cxfse:proxy
for this. This secured external service needs the credentials of the user.
to set fix user name and password in the bc is no problem. but how can I
pass or use the credentials of the user who initialized all.
Thanks in advance,
Jakob
xbean.xml of the cxfse:
<cxfse:endpoint>
<cxfse:pojo>
<bean class="my.example.ServiceProxy">
<property name="calculator">
<cxfse:proxy service="sec:SecuredService" context="#context"
type="my.example.SecuredServicePortType" />
</property>
</bean>
</cxfse:pojo>
</cxfse:endpoint>
The xbean.xml of the cxfbc is:
<cxfbc:provider service="sec:SecuredService" ... >
<cxfbc:outInterceptors>
<ref bean="saajout"/>
<ref bean="wss4jout"/>
</cxfbc:outInterceptors>
</cxfbc:provider>
<bean id="saajout"
class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
<bean id="wss4jout"
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="user" value="joe"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackClass"
value="my.example.auth.TestPwdCallback"/>
</map>
</constructor-arg>
</bean>
