Hello, I build some ServiceMix gateway for our business services. The whole project uses osgi bundles as deployment model. Used ServiceMix version: apache-servicemix-4.4.1-fuse-01-06
The *cxfbc:consumer* accepts SOAP requests, makes logging and authentication (username token with password in plain text). It uses WSS4JInInterceptor together with JAAS configured authentication and authorization to access LDAP login module. All of this works fine. I have no own password callback-handler for the incoming/outgoing messages, WSS4JInInterceptor is configured with the *ws-security.validate.token*=false property, so JAAS does all the work. The *cxfbc:producer* shall only forward the incomming message together with all SOAP headers (especially WS-Security header) to our business services. *How can I configure the cxfbc:producer to include the username and password catched from JAAS?* Is it possible or I can not use cxfbc:producer and must use some simple http forwarder? The incoming message shall be forwarded only after successfully authentization in JAAS. I included my test configuration. http://servicemix.396122.n5.nabble.com/file/n5518767/beans_cxf.xml beans_cxf.xml http://servicemix.396122.n5.nabble.com/file/n5518767/isl_a.wsdl isl_a.wsdl Thanks, Radomir -- View this message in context: http://servicemix.396122.n5.nabble.com/cxfbc-provider-with-WS-Security-and-previous-JAAS-authentication-tp5518767p5518767.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
