Hi Colm, In what you are showing, it create an instance of the client for each user. That's what I've coded so far, but If i've 2000 users connected simultanely on my webserver, it would be very resources consumming right ?
Indeed, what I would like to do is dynamically set the unsername in the WSS4JOutInterceptor, but so far, I didn't find a way to do that. So maybe it's for security reason that we're not allowed to specify dynamically the credential on the client. Now I'm looking at SAML to call webservices (the client part, the server part is already implemented in a product, it use send voucher type)... It's quite difficult to enter in this subject :-/ Thanks for your help, Thomas. On Fri, Jul 12, 2013 at 4:24 PM, Colm O hEigeartaigh <[email protected]>wrote: > It's easy to do if you use WS-SecurityPolicy, as this takes configuration > from the MessageContext. For example: > > Service service = Service.create(wsdl, SERVICE_QNAME); > QName portQName = new QName(NAMESPACE, "DoubleItPlaintextPrincipalPort"); > DoubleItPortType utPort = service.getPort(portQName, > DoubleItPortType.class); > > > ((BindingProvider)utPort).getRequestContext().put(SecurityConstants.USERNAME, > "Alice"); > > For the older "action" based approach you are using, I guess you could > provide access to the properties Map used to configure the > WSS4JOutInterceptor in a CXF Interceptor, that changes the username > property dynamically? > > Colm. > > > On Wed, Jul 10, 2013 at 5:29 PM, Thomas Manson > <[email protected]>wrote: > > > Hi, > > > > I need to call a web service provider and specify on the fly the > > username/password (and later use SAML (header & body need to be signed)). > > > > I'm in a context of a J2EE multiuser application, and I have to call > the > > web service provider with the credential of the user connected to the web > > application. > > > > Later I'll have to implement SAML implementation (and X509 if I've > time), > > and I would like to be able to put this in the same code base, where you > > switch authentication type by configuration. > > > > > > Here is below the current implémentation I've and that is working, > > I can see that I can use the PasswordCallback to get the password, but > I've > > no option to set dynamically the username. > > > > For the password, I was planning to use ThreadLocal to retrieve the > > password, If you have other suggestions, I'm eager to hear it. > > > > > > I've seen related to AbstractUsernameTokenInInterceptor, but I don't > have a > > full example with both username & password dynamically setted. > > > > If you have any full example, or documation to point me out, would be > great > > ;) > > > > Thanks, > > Thomas. > > > > > > *final* String password = *this*.password; > > > > > > > > JaxWsProxyFactoryBean factory = *new* JaxWsProxyFactoryBean(); > > > > factory.setServiceClass(WorkListService.*class*); > > > > factory.setAddress(*this*.endpoint); > > > > // > > > > > factory.setWsdlLocation("D:/ARTIC/SOURCE/artic/trunk/webapp/src/main/webapp/WSDL/brm.wsdl"); > > > > factory.setServiceName(*new* QName("http://services.brm.n2.tibco.com > ", > > "WorkListService")); > > > > WorkListService workListService = (WorkListService) factory.create(); > > > > > > > > Client client = ClientProxy.*getClient*(workListService); > > > > > > > > Map<String, Object> properties = *new* HashMap<String, Object>(); > > > > properties.put(WSHandlerConstants.*ACTION*, WSHandlerConstants.* > > USERNAME_TOKEN*); > > > > properties.put(WSHandlerConstants.*USER*, *this*.username); > > > > properties.put(WSHandlerConstants.*PASSWORD_TYPE*, > > WSConstants.*PW_TEXT* > > );// "PasswordDigest" > > > > properties.put(WSHandlerConstants.*PW_CALLBACK_REF*, > > *new*CallbackHandler() > > > > { > > > > *public* *void* handle(Callback[] callbacks) *throws* IOException, > > UnsupportedCallbackException > > > > { > > > > WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; > > > > pc.setPassword(password); > > > > } > > > > }); > > > > > > > > client.getOutInterceptors().add(*new* > WSS4JOutInterceptor(properties)); > > > > > > > > HTTPConduit conduit = (HTTPConduit) client.getConduit(); > > > > > > > > *long* timeoutMillis = timeout * 1000; > > > > > > > > HTTPClientPolicy policy = *new* HTTPClientPolicy(); > > > > policy.setConnectionTimeout(timeoutMillis); > > > > policy.setReceiveTimeout(timeoutMillis); > > > > > > > > conduit.setClient(policy); > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
