cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Isuranga Perera <isurangamper...@gmail.com>
Subject Re: [Dev] WSS4JStaxInInterceptor SecurityEvent
Date Wed, 09 Aug 2017 15:18:02 GMT
I'm using CXF security policy enforcement without CXF transport. I convert
the policy file to a Neethi object and used PolicyInInterceptor to get
required interceptors to process the security header. I managed to verify
security successfully with stream security enabled.

But now I can't extract the soap body to pass to the service. I need to
know about interceptors which can continue the process from here.

On Wed, Aug 9, 2017 at 8:32 PM, Colm O hEigeartaigh <coheigea@apache.org>
wrote:

> What exactly are you trying to do with the streaming security interceptors?
>
> Colm.
>
> On Tue, Aug 8, 2017 at 4:53 PM, Isuranga Perera <isurangamperera@gmail.com
> > wrote:
>
>> Hi Colm
>>
>> Thanks for the immediate response. I managed to add stream security
>> interceptors and process security headers. But I found out that they change
>> message.getContent(StreamReader.class). So can you suggest a way to
>> extract SOAPBody from the content?
>>
>> Best Regards
>>
>> On Tue, Aug 8, 2017 at 7:52 PM, Colm O hEigeartaigh <coheigea@apache.org>
>> wrote:
>>
>>> It's not something that you should need to configure. It's used by the
>>> streaming WS-Security code inside WSS4J to retrieve security "events"
>>> from
>>> either inbound or outbound processing. For example, on an inbound request
>>> you might decrypt a key which you might then need to use to secure the
>>> message reply.
>>>
>>> Colm.
>>>
>>> On Tue, Aug 8, 2017 at 10:51 AM, Isuranga Perera <
>>> isurangamperera@gmail.com>
>>> wrote:
>>>
>>> > Hi
>>> >
>>> > I'm using CXF security processing with stream security. There I was
>>> able
>>> > to find
>>> >
>>> > List<SecurityEvent> requestSecurityEvents =
>>> >                 (List<SecurityEvent>) soapMessage.getExchange().get(
>>> SecurityEvent.class.getName()
>>> > + ".out");
>>> >
>>> >
>>> > Appreciate if you can explain how to set this SecurityEvent extension
>>> > manually and the purpose of it.
>>> >
>>> > Best Regards
>>> >
>>>
>>>
>>>
>>> --
>>> Colm O hEigeartaigh
>>>
>>> Talend Community Coder
>>> http://coders.talend.com
>>>
>>
>>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message