cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jasminadesai <>
Subject cxf-rt-ws-security 2.2.1 works and 2.3.11 does not with the same code
Date Tue, 12 Aug 2014 01:47:25 GMT

I have a custom callbackhandler and custom userdetailsservice in my

I use cxf-rt-ws-security 2.2.1

Here is snippet from my custom callbackhandler.

protected void handleWSPasswordCallback(WSPasswordCallback callback) {
        String username = callback.getIdentifer(); //For 2.3.11 this changes
to getIdentifier
        String password = callback.getPassword();
        try {
                String encPwd =
                UsernamePasswordAuthenticationToken token = new
UsernamePasswordAuthenticationToken(username, encPwd);
                Authentication auth =
        } catch (Exception e) {
            throw new SecurityException("Authentication Failed.");

and here is a snippet from the custom userdetailsservice.

public UserDetails loadUserByUsername(String username) throws
UsernameNotFoundException, DataAccessException {
	String accountId = (1);
	Account account = serviceLocator.getAccountRepository ().lookupAccount (new
Long (accountId));

	// Grant our base authorities.
	List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority> ();
	authorities.add (new GrantedAuthorityImpl (ROLE_MERCHANT_ACCOUNT));

	UserDetails userDetails = new User (username, account.getPassword(), true,
true, true, account.isStatusActive (), authorities.toArray (new
GrantedAuthority[authorities.size ()]));

	return userDetails;

This code works perfectly fine with cxf version 2.2.1.
The moment I change the version to 2.3.11, it starts giving me "Bad
Credentials" exception.

Can someone please help me with this. If I debug the code in 2.3.11, the
UsernamePasswordAuthenticationToken password and the password is the db is
exactly the same. I still get "Bad Credentials".


View this message in context:
Sent from the cxf-user mailing list archive at

View raw message