axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Imhof <michael.im...@nowhow.ch>
Subject Re: Accessing authentication information
Date Thu, 20 Sep 2007 11:43:41 GMT

I found the solution I was looking for:

http://www.unix.org.ua/orelly/java-ent/servlet/ch08_01.htm
Chapter 8.2: Security in a servlet

Michael

Michael Imhof wrote:
> 
> Thanks Anthony,
> 
> that's exactly what I wanna do. But the problem starts already at
> the first line because "MessageContext.getCurrentMessageContext();" is
> returning <null>!
> 
> Do you have an idea why this is <null>?
> 
> Michael
> 
> PS: The webserver I'm using is from the apache ofbiz project. There is a
> ofbiz nabble forum but
> I posted the problem here because I think it's more a axis specific
> problem (probably I'm wrong?).
> 
> 
> 
> Anthony Bull wrote:
>> 
>> 
>> Hi Michael, 
>> 
>> there are newer ways of doing this, but I haven't gotten around to
>> getting them working (had difficulties....). 
>> 
>> In your skeleton try the following - it has a deprecated call in it,
>> but it still works with 1.2 and 1.3, so is fine for the time being...... 
>> 
>> &nbsp;//&nbsp;Extract&nbsp;the&nbsp;username&nbsp;token&nbsp;from&nbsp;the&nbsp;soap&nbsp;headers.&nbsp;This&nbsp;uses&nbsp;deprecated

>> &nbsp;&nbsp;//&nbsp;axis-2&nbsp;methods&nbsp;on&nbsp;WSSecurityEngineResult,&nbsp;which&nbsp;probably&nbsp;need&nbsp;to&nbsp;be&nbsp;replaced

>> &nbsp;&nbsp;//&nbsp;with&nbsp;the&nbsp;newer&nbsp;code,&nbsp;once&nbsp;it&nbsp;is&nbsp;discovered&nbsp;what&nbsp;that&nbsp;code&nbsp;is.

>> &nbsp;&nbsp;private&nbsp;String&nbsp;getUserNameToken()&nbsp;{

>> &nbsp;&nbsp;&nbsp;try&nbsp;{ 
>> &nbsp;&nbsp;&nbsp;&nbsp;MessageContext&nbsp;messageContext&nbsp;=&nbsp;MessageContext.getCurrentMessageContext();

>> &nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"Method&nbsp;call:&nbsp;getUserNameToken");

>> &nbsp;&nbsp;&nbsp;&nbsp;Vector&nbsp;results&nbsp;=&nbsp;null;

>> &nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;((results&nbsp;=&nbsp;(Vector)&nbsp;messageContext.getProperty(&nbsp;WSHandlerConstants.RECV_RESULTS))&nbsp;==&nbsp;null)&nbsp;{

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"Exceptional&nbsp;return:&nbsp;no&nbsp;security&nbsp;headers&nbsp;in&nbsp;message&nbsp;context");

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throw&nbsp;new&nbsp;RuntimeException(&nbsp;"No&nbsp;security&nbsp;headers&nbsp;available&nbsp;in&nbsp;message&nbsp;context!!");

>> &nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;else&nbsp;{ 
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"results&nbsp;size&nbsp;=&nbsp;"&nbsp;+&nbsp;results.size());

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for&nbsp;(int&nbsp;i=0;&nbsp;i&lt;results.size();&nbsp;i++)&nbsp;{

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;Get&nbsp;hold&nbsp;of&nbsp;the&nbsp;WSHandlerResult&nbsp;instance.

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WSHandlerResult&nbsp;rResult&nbsp;=&nbsp;(WSHandlerResult)&nbsp;results.get(&nbsp;i);

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Vector&nbsp;wsSecEngineResults&nbsp;=&nbsp;rResult.getResults();

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"wsEngineResults.size&nbsp;=&nbsp;"&nbsp;+&nbsp;wsSecEngineResults.size());

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;for&nbsp;(&nbsp;int&nbsp;j=0;&nbsp;j&lt;wsSecEngineResults.size();&nbsp;j++)&nbsp;{

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//Get&nbsp;hold&nbsp;of&nbsp;the&nbsp;WSSecurityEngineResult&nbsp;instance

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WSSecurityEngineResult&nbsp;engineResult&nbsp;=&nbsp;(WSSecurityEngineResult)&nbsp;wsSecEngineResults.get(&nbsp;j);

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"engineResult.getPrincipal()&nbsp;=&nbsp;"&nbsp;+&nbsp;engineResult.getPrincipal());

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;(&nbsp;engineResult.getPrincipal()&nbsp;instanceof&nbsp;WSUsernameTokenPrincipal)&nbsp;{

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;Extract&nbsp;the&nbsp;principal.

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WSUsernameTokenPrincipal&nbsp;principal&nbsp;=&nbsp;(WSUsernameTokenPrincipal)&nbsp;engineResult.getPrincipal();

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//Get&nbsp;user/pass

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logger.debug(&nbsp;"Normal&nbsp;return:&nbsp;getUserNameToken&nbsp;result&nbsp;=&nbsp;"&nbsp;+&nbsp;principal.getName());

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;principal.getName();

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//String&nbsp;passwd&nbsp;=&nbsp;principal.getPassword();

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}

>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;&nbsp;throw&nbsp;new&nbsp;RuntimeException(&nbsp;"Username&nbsp;security&nbsp;header&nbsp;not&nbsp;available&nbsp;in&nbsp;message&nbsp;context!!");

>> &nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;&nbsp;catch&nbsp;(&nbsp;RuntimeException&nbsp;e)&nbsp;{

>> &nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;Log&nbsp;any&nbsp;exceptions&nbsp;before&nbsp;rethrowing&nbsp;them,&nbsp;as&nbsp;axis2&nbsp;doesnt&nbsp;tend&nbsp;to

>> &nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;log&nbsp;message&nbsp;receiver&nbsp;errors.

>> &nbsp;&nbsp;&nbsp;&nbsp;logger.error(&nbsp;e.getMessage(),&nbsp;e);

>> &nbsp;&nbsp;&nbsp;&nbsp;throw&nbsp;e; 
>> &nbsp;&nbsp;&nbsp;} 
>> &nbsp;&nbsp;} 
>> 
>> Michael Imhof wrote:
>> 
>>   We're using Axis Webservices and they are secured by basic
>> authentication.
>> 
>> Now, I would to access the user/password information of the basic
>> authentication
>> (this information must be send to the server anywhere).
>> 
>> How can I access this information.
>> 
>> Regards,
>> 
>> Michael
>>   
>> 
>> 
>> 
>> 
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>> 
>> 
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Accessing-authentication-information-tf4481853.html#a12795377
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message