cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Freeman Fang <freeman.f...@gmail.com>
Subject Re: how to pass authentication credentials to service class in cxf webservice
Date Mon, 16 Apr 2012 04:23:17 GMT
Hi,

In your interceptor you can save the authentication parameter in  
message, and in your impl class you can  have code like

@Resource
     private WebServiceContext wsContext;

Then can use code like
             MessageContext ctx = wsContext.getMessageContext();
             Message message =  
((WrappedMessageContext)ctx).getWrappedMessage();
             //here you can get authentication parameter  you saved  
previously from message

Freeman
On 2012-4-13, at 下午9:48, shashi wrote:

> Hi,
>
> I am learning to develop a web service using cxf with spring  
> framework. I
> have developed a sample  authenticated web service application using
> interceptors and I am stuck in passing authentication  
> parameter(username and
> password) to service class which implements the interface.
>
> Web service code is as follows.
>
> Student class:
> public class Student {
>  private String name;
>  public String getName() {
>    return name;
>  }
>  public void setName(String name) {
>    this.name = name;
>  }
> }
>
> Interface:
> @WebService
> public interface ChangeStudentDetails {
>  Student changeName(Student student);
> }
>
> Implementation:
> @WebService(endpointInterface = "com.student.ChangeStudentDetails")
> public class ChangeStudentDetailsImpl implements  
> ChangeStudentDetails {
>    public Student  changeName(Student student) {
>      student.setName("Hello "+student.getName());
>       return student;
>
>    }
>
>
> Interceptor class:
> public class WSSecurityInterceptor extends  
> AbstractPhaseInterceptor<Message>
> {
>
>    public SVWSSecurityInterceptor() {
>        super(Phase.PRE_PROTOCOL);
>    }
>
>    public SVWSSecurityInterceptor(String s) {
>        super(Phase.PRE_PROTOCOL);
>    }
>
>    public void handleMessage(Message message) throws Fault {
>
>        Map props = new HashMap();
>        props.put(WSHandlerConstants.ACTION,
> WSHandlerConstants.USERNAME_TOKEN);
>        CallbackHandler callbackHandler = (CallbackHandler)
> SpringApplicationContextProvider.getInstance().getBean("handler");
>        props.put(WSHandlerConstants.PW_CALLBACK_REF, panPassCallback);
>        WSS4JInInterceptor wss4jInHandler = new  
> WSS4JInInterceptor(props);
>        message.getInterceptorChain().add(new SAAJInInterceptor());
>        message.getInterceptorChain().add(wss4jInHandler);
>
>    }
> }
>
> Callback handler class:
> public class CallbackHandler implements CallbackHandler {
> public void handle(Callback[] callbacks) throws IOException,
> UnsupportedCallbackException {
> WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
> String uname= pc.getIdentifier();
> String upassword=pc.getPassword();
>
> if (uname != null ) {
>
>            List<GrantedAuthority> authorities =
> testmethod.getAuthorities(user, instance);
> 	    authorities.addAll(authorities);
> 	    UsernamePasswordAuthenticationToken result = new
> UsernamePasswordAuthenticationToken(uname, upassword, authorities);
>             
> SecurityContextHolder.getContext().setAuthentication(result);
>        }
>    }
> }
>
> While debugging the application the workflow was as follows  
> Interceptor
> class->callback handler->service class(ChangeStudentDetailsImpl)
>
> Suppose if I want to pass the username and password to service class  
> for
> additional verification of username(username and password are  
> obtained in
> callback handler). How do I do this?
>
> What is the best way to pass the authentication credentials to service
> class?
>
> Any suggestion would be great.
>
> Thank you
> shashi
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/how-to-pass-authentication-credentials-to-service-class-in-cxf-webservice-tp5638346p5638346.html
> Sent from the cxf-issues mailing list archive at Nabble.com.

---------------------------------------------
Freeman Fang

FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: http://weibo.com/u/1473905042











Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message