Ah! I was indeed using WSS4JInInterceptor. I was adding interceptors manually. Now I'm trying to use the policy framework. So, this time it hit the UsernameTokenInterceptor. So, is the fix to override the UsernameTokenInterceptor and populate the request data context?
Thanks, Vinay -----Original Message----- From: Colm O hEigeartaigh [mailto:[email protected]] Sent: Wednesday, May 16, 2012 4:34 AM To: [email protected] Subject: Re: UsernameTokenValidator Are you sure that you are using the UsernameTokenInterceptor instead of the WSS4JInInterceptor? The reason I ask is that I don't see any change in how the RequestData is constructed in the UsernameTokenInterceptor in 2.4.1: http://svn.apache.org/viewvc/cxf/tags/cxf-2.4.1/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java?view=markup In any case the RequestData should probably be setting the message context here as well. Colm. On Tue, May 15, 2012 at 11:05 PM, Penmatsa, Vinay <[email protected]> wrote: > It might be that UsernameTokenInterceptor is not populating the RequestData's > msgcontext. > Is this deliberate? > UsernameTokenInterceptor.getPrincipal() line #178 > > -Vinay > > > > -----Original Message----- > From: Penmatsa, Vinay [mailto:[email protected]] > Sent: Tuesday, May 15, 2012 5:55 PM > To: [email protected] > Subject: UsernameTokenValidator > > Hi, > I just upgraded to 2.6 from 2.4.1 > I had a custom UsernameTokenValidator where I override > verifyDigestPassword(UsernameToken usernameToken, RequestData data). > Within that I had the following code to get access to request object. > > ####### > SoapMessage soapMsg = (SoapMessage)data.getMsgContext(); > HttpServletRequest request = > (HttpServletRequest)soapMsg.get(AbstractHTTPDestination.HTTP_REQUEST); > ####### > > > In 2.6, soapMsg is null. Is there any other way I can get the HTTP_REQUEST? > > > Regards, > Vinay > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
