I just committed some code that will make this much easier in cxf
2.1.2/2.0.8, but that isn't going to help you right now.
A couple of options...
1) Use a subclass of WSS4JInInterceptor (this would be my preferred
approach as it mimics what I just committed). Basically, override the
handleMessage call to do:
public void handleMessage(SoapMessage msg) throws Fault {
super.handleMessage(msg);
List< WSSecurityEngineResult > recv =
(List)msg.get("RECV_RESULTS");
for (WSSecurityEngineResult o : recv) {
final Principal p =
(Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
if (p != null) {
SecurityContext c = new SecurityContext() {
public Principal getUserPrincipal() {
return p;
}
public boolean isUserInRole(String role) {
return false;
}
};
msg.put(SecurityContext.class, c);
break;
}
}
}
In your Impl, you then would just do:
@Resource
WebServiceContext ctx;
.....
Principal p = ctx.getUserPrincipal();
and query whatever you need from that. (it would probably be a
WSUsernameTokenPrincipal which has the password and other things
stored in it, but if you use x509 certs, it would be a
X509Principal) Once 2.1.2/2.0.8 comes out, you could remove the
WSS4JInInterceptor subclass and the code would still work.
2) In you impl, you could do:
@Resource
WebServiceContext ctx;
.....
MessageContext ctx = (MessageContext) wsContext.getMessageContext();
List recv = (List)ctx.get("RECV_RESULTS");
WSHandlerResult wsResult = (WSHandlerResult)recv.get(0);
WSSecurityEngineResult wsseResult =
(WSSecurityEngineResult)wsResult.getResults().get(0);
Principal principal =
(Principal)wsseResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
3) Like (1), you could subclass WSS4JInInterceptor and copy stuff out
of it and call "msg.put(key, value)" for anything you want. Then
query them from the WebServiceContext.
Dan
On Jul 2, 2008, at 6:43 AM, Selena85 wrote:
Dan I spend a lot of time trying to do it, but I still cannot achieve
success. Maybe You can show me some code snipet.
Regards
dkulp wrote:
On Jun 30, 2008, at 5:04 AM, Selena85 wrote:
Hello I'm newbie in CXF and Spring. My task is to prepear user
authenthication and to log user activities. Now I've got user
authenthication using WSS4JInInterceptor and callback - and it's
work fine.
My problem is, how to pass authentication data (username) to the
endpoint
implementor class (translatorServiceImpl). Is there any way to do
this using
Spring (set a property in class translatorServiceImpl)?
No, because there is a single instance of the Impl created and is
used
during all invocations. The way this is done is to add:
@Resource
WebServiceContext ctx;
To your Impl and the context should get injected. From the context
(which is thread local), you can query any items that are stored in
the Message object in your interceptor.
Dan
<!-- Service endpoint -->
<jaxws:endpoint id="translatorService"
implementor="#translatorServiceImpl" address="/translation">
<jaxws:serviceFactory>
<ref bean="jaxws-and-aegis-service-factory" />
</jaxws:serviceFactory>
<jaxws:inInterceptors>
<bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType"
value="PasswordText" />
<entry key="passwordCallbackClass"
value="pl.waga.service.ServerAuthorizationCallback" />
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
--
View this message in context:
http://www.nabble.com/SOAP-Header-tp18191401p18191401.html
Sent from the cxf-user mailing list archive at Nabble.com.
---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog
--
View this message in context:
http://www.nabble.com/SOAP-Header-tp18191401p18234718.html
Sent from the cxf-user mailing list archive at Nabble.com.
---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog
