cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: SOAP Header
Date Wed, 02 Jul 2008 17:19:39 GMT

I just committed some code that will make this much easier in cxf  
2.1.2/2.0.8, but that isn't going to help you right now.

A couple of options...

1) Use a subclass of WSS4JInInterceptor (this would be my preferred  
approach as it mimics what I just committed).  Basically, override the  
handleMessage call to do:
     public void handleMessage(SoapMessage msg) throws Fault {
	super.handleMessage(msg);
         List< WSSecurityEngineResult > recv =  
(List)msg.get("RECV_RESULTS");
         for (WSSecurityEngineResult o : recv) {
             final Principal p =  
(Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
             if (p != null) {
                 SecurityContext c = new SecurityContext() {
                     public Principal getUserPrincipal() {
                         return p;
                     }
                     public boolean isUserInRole(String role) {
                         return false;
                     }
                 };
                 msg.put(SecurityContext.class, c);
                 break;
             }
         }
     }

In your Impl, you then would just do:

@Resource
WebServiceContext ctx;
.....
Principal p = ctx.getUserPrincipal();
and query whatever you need from that.  (it would probably be a  
WSUsernameTokenPrincipal which has the password and other things  
stored in it, but if you use x509 certs, it would be a  
X509Principal)   Once 2.1.2/2.0.8 comes out, you could remove the  
WSS4JInInterceptor subclass and the code would still work.

2) In you impl, you could do:

@Resource
WebServiceContext ctx;
.....
MessageContext ctx = (MessageContext) wsContext.getMessageContext();
List recv = (List)ctx.get("RECV_RESULTS");
WSHandlerResult wsResult = (WSHandlerResult)recv.get(0);
WSSecurityEngineResult wsseResult =  
(WSSecurityEngineResult)wsResult.getResults().get(0);
Principal principal =  
(Principal)wsseResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);


3) Like (1), you could subclass WSS4JInInterceptor and copy stuff out  
of it and call "msg.put(key, value)" for anything you want.   Then  
query them from the WebServiceContext.


Dan













On Jul 2, 2008, at 6:43 AM, Selena85 wrote:

>
> Dan I spend a lot of time trying to do it, but I still cannot achieve
> success. Maybe You can show me some code snipet.
> Regards
>
> dkulp wrote:
>>
>>
>> On Jun 30, 2008, at 5:04 AM, Selena85 wrote:
>>
>>>
>>> Hello I'm newbie in CXF and Spring. My task is to prepear user
>>> authenthication and to log user activities. Now I've got user
>>> authenthication using WSS4JInInterceptor and callback - and it's
>>> work fine.
>>> My problem is, how to pass authentication data (username) to the
>>> endpoint
>>> implementor class (translatorServiceImpl). Is there any way to do
>>> this using
>>> Spring (set a property in class translatorServiceImpl)?
>>
>> No, because there is a single instance of the Impl created and is  
>> used
>> during all invocations.     The way this is done is to add:
>>
>> @Resource
>> WebServiceContext ctx;
>>
>> To your Impl and the context should get injected.   From the context
>> (which is thread local), you can query any items that are stored in
>> the Message object in your interceptor.
>>
>> Dan
>>
>>
>>
>>>
>>> <!-- Service endpoint -->
>>>   <jaxws:endpoint id="translatorService"
>>>       implementor="#translatorServiceImpl" address="/translation">
>>>       <jaxws:serviceFactory>
>>>           <ref bean="jaxws-and-aegis-service-factory" />
>>>       </jaxws:serviceFactory>
>>>       <jaxws:inInterceptors>
>>>           <bean
>>>
>>> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>>>               <constructor-arg>
>>>                   <map>
>>>                       <entry key="action" value="UsernameToken" />
>>>                       <entry key="passwordType"
>>> value="PasswordText" />
>>>                       <entry key="passwordCallbackClass"
>>>
>>> value="pl.waga.service.ServerAuthorizationCallback" />
>>>                   </map>
>>>               </constructor-arg>
>>>           </bean>
>>>       </jaxws:inInterceptors>
>>>   </jaxws:endpoint>
>>>
>>> -- 
>>> View this message in context:
>>> http://www.nabble.com/SOAP-Header-tp18191401p18191401.html
>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>
>>
>> ---
>> Daniel Kulp
>> dkulp@apache.org
>> http://www.dankulp.com/blog
>>
>>
>>
>>
>>
>>
>
> -- 
> View this message in context: http://www.nabble.com/SOAP-Header-tp18191401p18234718.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>

---
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog





Mime
View raw message