axis-java-user mailing list archives

From "Sumit Shah" <Sumit.S...@cgifederal.com>
Subject Rampart2 1.4 Setting to set transport level user different than message level user
Date Tue, 11 Aug 2009 20:32:42 GMT
Hello,

I am trying to find out a config setting to set transport level user
different than the message level user. 


What I have is the following scenario:

1. I have a service call that uses a no-auth privileges user as the
transport level user.
2. I set the actual business user in the Message level security in the
WSSecurity header as a UsernameToken. 


Rampart is able to correctly authenticate the message level user, but
the transport level user gets passed down to the business logic which
fails authorization. 

Is there a way to pass the message level user instead of the transport
level user to the business logic?

Thanks
Sumit


SAMPLE SOAP Request


<soap:Envelope xmlns:acc="http://impl.webservices.ams.com"
               xmlns:ref="http://ref.sr.domain.com/"
               xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
   <soap:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsu:Timestamp wsu:Id="Timestamp-12"
                        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2009-08-11T19:36:20Z</wsu:Created>
            <wsu:Expires>2009-08-11T19:53:00Z</wsu:Expires>
         </wsu:Timestamp>
         <wsse:UsernameToken wsu:Id="UsernameToken-11"
                             xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:Username>sumitshah</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXX</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
      <acc:review>
         <acc:Select>
            <ref:name>cp0805a</ref:name>
         </acc:Select>
      </acc:review>
   </soap:Body>
</soap:Envelope>
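
The scenario above, as an added example that is not part of the original message and is not Rampart or Axis2 code: it reads the message-level identity from a WS-Security header shaped like the sample request and hands that name, rather than the transport login, to authorization. It assumes the password was already verified by the security layer (as the post says Rampart does); the function names and the `noauth` transport user are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "soap": "http://www.w3.org/2003/05/soap-envelope",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
}

# Constructed sample: the header of the request above, reduced to Timestamp and Username.
SAMPLE = f"""<soap:Envelope xmlns:soap="{NS['soap']}">
 <soap:Header><wsse:Security xmlns:wsse="{NS['wsse']}" xmlns:wsu="{NS['wsu']}">
  <wsu:Timestamp wsu:Id="Timestamp-12">
   <wsu:Created>2009-08-11T19:36:20Z</wsu:Created>
   <wsu:Expires>2009-08-11T19:53:00Z</wsu:Expires>
  </wsu:Timestamp>
  <wsse:UsernameToken wsu:Id="UsernameToken-11">
   <wsse:Username>sumitshah</wsse:Username>
  </wsse:UsernameToken>
 </wsse:Security></soap:Header>
 <soap:Body/>
</soap:Envelope>"""


def _utc(text):
    return datetime.strptime(text.strip(), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def message_level_user(envelope, now):
    """Return the UsernameToken name only if exactly one token is present
    and the Timestamp window covers `now`; otherwise None."""
    sec = ET.fromstring(envelope).find("soap:Header/wsse:Security", NS)
    if sec is None:
        return None
    tokens = sec.findall("wsse:UsernameToken", NS)
    created = sec.findtext("wsu:Timestamp/wsu:Created", namespaces=NS)
    expires = sec.findtext("wsu:Timestamp/wsu:Expires", namespaces=NS)
    if len(tokens) != 1 or not created or not expires:
        return None  # ambiguous or unbounded header: do not pick an identity
    if not (_utc(created) <= now < _utc(expires)):
        return None  # outside the validity window
    name = tokens[0].findtext("wsse:Username", namespaces=NS)
    return name.strip() if name and name.strip() else None


def caller_for_authorization(transport_user, envelope, now):
    # Prefer the message-level identity; otherwise keep the transport user,
    # which in the scenario above is the unprivileged one.
    return message_level_user(envelope, now) or transport_user
```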
