Re: Read out header information with CXF-interceptor

Thu, 07 Jan 2010 18:34:21 -0800 

Hi,
Seems you are using SecuredBroker, which delegate the auth to JAAS, but you didn't add your user/password to the configuration, that's why you saw the exception. 

You need do
edit $SMX_HOME/conf/users-passwords.properties
add
wss4j=xyz

edit $SMX_HOME/conf/groups.properties
replace
admin=smx
with
admin=smx,wss4j

Freeman
On 2010-1-7, at 下午10:42, Philip wrote:


Hi,



On Tue, Jan 5, 2010 at 2:46 PM, Freeman Fang  
<[email protected]> wrote:



You also need add SAAJInInterceptor & WSS4JInInterceptor for cxf bc  
consumer

endpoint inInterceptors, which extract and save necessary info to  
the vector
You may need take a look at xbean-jaas.xml[1], to learn how it  
could be


[1]
https://svn.apache.org/repos/asf/servicemix/components/bindings/servicemix-cxf-bc/trunk/src/test/resources/org/apache/servicemix/cxfbc/ws/security/xbean-jaas.xml

Freeman



we added the SAAJ & WSS4J this way:
     <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"
id="saajin" />
     <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
id="wss4jin">
        <constructor-arg>
           <map>
              <entry key="action" value="UsernameToken"/>
              <entry key="passwordType" value="PasswordText"/>
              <entry key="user" value="wss4j"/>
              <entry key="passwordCallbackRef">
                      <ref bean="myPasswordCallback"/>
              </entry>
           </map>
        </constructor-arg>
     </bean>


with our callback class we can read out the Username and Password  
but we get

following error:


Caused by: javax.security.auth.login.FailedLoginException: User does  
not

exist

The username we send is "wss4j" and the password is "xyz". This is our
callback handler class:

public class ServerPasswordCallback implements CallbackHandler {

   private static final Log logger =
LogFactory.getLog(ServerPasswordCallback.class);
   private static Map passwords = new HashMap();

   static {
           passwords.put("wss4j", "xyz");
   }

   public void handle(Callback[] callbacks) throws IOException,
                   UnsupportedCallbackException {
           for (int i = 0; i < callbacks.length; i++) {
                   WSPasswordCallback pc = (WSPasswordCallback)
callbacks[i];

                   String pass = (String)  
passwords.get(pc.getIdentifer());


                   if (pass != null) {
                           pc.setPassword(pass);
                   }
                   else { throw new
UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); }


                   logger.info("pw-callback done");  // we get this  
in the

console
           }
   }


Do you know what we have to do? Where does the Handler validate the
username? Or what does this error mean?

Thanks again,
Nicolas and Philip



--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
























					Reply via email to