cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: WS-Security and user information
Date Fri, 23 Jul 2010 15:20:59 GMT
On Friday 23 July 2010 4:39:05 am Antoine Roux wrote:
> Hi,
> I have a web service authenticating with WS-Security. On the server side, I
> set up the WSS4j interceptor and I have a password call back that checks
> the the username/password against my database. The service being called
> subsequently if authentication succeeds needs to know the identity of the
> user.
> What is th right to pass it to the service? Is it to store it in the
> session? Or is there a better way?

It's actually already stored in the session.    If you have the 
WebServiceContext injected, you can call the  getPrincipal method on it which 
will likely be the Principal provided by wss4j in your case.

Dan



> 
> --
> Antoine Roux,
> NetVitesse S.A.R.L
> antoine.roux@net-vitesse.com
> Phone: +33 (0)1 61 37 04 24
> Mobile: +33 (0)6 20 69 07 96
> Fax: +33 (0)1 70 24 87 88

-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog

Mime
View raw message