Yep .. its not available at the callback handler ... the callback handler is called while within the security handler. And security results are available only after the security handler (WSDoAllreceiver) returns.
thanks, Ruchith On 11/6/06, Dave Bagguley <[EMAIL PROTECTED]> wrote:
I can get the code from the FAQ to work when I put it in my service implementation but not when I put it in the password callback class where I need it. >From: "Dave Bagguley" <[EMAIL PROTECTED]> >To: [email protected] >Subject: Re: Retrieving the user's alias from a signature >Date: Mon, 06 Nov 2006 09:55:13 +0000 > >Yes I think I've set up the security handlers properly at the service >because the encrypted message gets sent to the service and the service's >password callback sets the password and the client recieves the correct >message back from the service. > >Below is my server config: >declare namespace wsdd="http://xml.apache.org/axis/wsdd/";; > ><deployment > xmlns="http://xml.apache.org/axis/wsdd/"; > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > ><globalConfiguration> > <parameter name="sendXsiTypes" value="true"/> > <parameter name="sendMultiRefs" value="true"/> > <parameter name="sendXMLDeclaration" value="true"/> > <requestFlow> > <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver" >name="withutandsig"> > <parameter name="passwordCallbackClass" > value="com.exampleService3.security.PWCallback2"/> > <parameter name="action" value="Encrypt Signature"/> > <parameter name="signaturePropFile" value="crypto.properties" /> > <parameter name="decryptionPropFile" value="crypto.properties" /> > </handler> > </requestFlow> ></globalConfiguration> ><handler name="LocalResponder" >type="java:org.apache.axis.transport.local.LocalResponder"/> ><handler name="URLMapper" >type="java:org.apache.axis.handlers.http.URLMapper"/> ><handler name="Authenticate" >type="java:org.apache.axis.handlers.SimpleAuthenticationHandler"/> > > {doc("deploy.wsdd")/wsdd:deployment/wsdd:service} > > <transport name="http"> > <requestFlow> > <handler type="URLMapper"/> > <handler type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/> > </requestFlow> > </transport> > <transport name="local"> > <responseFlow> > <handler type="LocalResponder"/> > </responseFlow> > </transport> ></deployment> > >My client config is: ><deployment > xmlns="http://xml.apache.org/axis/wsdd/"; > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > <transport name="http" >pivot="java:org.apache.axis.transport.http.HTTPSender"/> > <globalConfiguration> > <requestFlow> > <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >e="DoSecuritySender"> > </handler> > </requestFlow> > </globalConfiguration> ></deployment> > >The line from the FAQ that causes the null pointer exception in my password >callback class is: >Vector results = (Vector) >msgContext.getProperty(WSHandlerConstants.RECV_RESULTS); > >When I use >msgContext.getCurrentContext().getAllPropertyNames(); the following list of >property names is returned, as you can see RECV_RESULTS is not in the list. >home.dir >wsdlServiceElement >jws.classDir >configPath >transport.url >wsdlServicePort >transport.http.servletPathInfo >sendXsiTypes >sendXMLDeclaration >attachments.implementation >allowedMethods >remoteaddr >path >wsdlPortType >realpath >transport.http.servletLocation >sendMultiRefs >className >adminPassword >transport.http.servlet >typeMappingVersion >wsdlTargetNamespace >servletEndpointContext >attachments.Directory >attachments.directory >transport.http.servletResponse >enableNamespacePrefixOptimization >disablePrettyXML >javax.xml.soap.character-set-encoding >transport.http.servletRequest > > >>From: "Ruchith Fernando" <[EMAIL PROTECTED]> >>To: "Dave Bagguley" <[EMAIL PROTECTED]> >>CC: [email protected] >>Subject: Re: Retrieving the user's alias from a signature >>Date: Sun, 5 Nov 2006 19:44:37 +0530 >> >>Hi, >> >>Have you setup the security handlers properly at the service? If the >>inflow security handler (WSDoAllReceiver) was invoked you will be able >>to obtain the security processing results as mentioned in the WSS4J >>FAQ. >> >>Thanks, >>Ruchith >> >>On 11/3/06, Dave Bagguley <[EMAIL PROTECTED]> wrote: >>>Hello, >>> >>>I am sending a signed and encrypted soap message to service and I am >>>trying >>>to extract the alias of the user from the signature contained in the soap >>>message. I want to do this in the password callback class of the >>>service. >>>From using TCPMonitor I can tell that the users certificate is contained >>>in >>>the soap message but I don't know how to extract the alias name or any >>>other >>>information from it. >>> >>>I have tried using the technique mentioned in the WSS4J FAQ at >>>http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#usernme but it doesn't >>>work as (Vector) msgContext.getProperty(WSHandlerConstants.RECV_RESULTS) >>>returns null. >>> >>>Any help would be greatly appreciated >>> >>>_________________________________________________________________ >>>Be the first to hear what's new at MSN - sign up to our free newsletters! >>>http://www.msn.co.uk/newsletters >>> >>> >>>--------------------------------------------------------------------- >>>To unsubscribe, e-mail: [EMAIL PROTECTED] >>>For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> >> >>-- >>www.ruchith.org >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> > >_________________________________________________________________ >Windows Liveā¢ Messenger has arrived. Click here to download it for free! >http://imagine-msn.com/messenger/launch80/?locale=en-gb > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > _________________________________________________________________ Be the first to hear what's new at MSN - sign up to our free newsletters! http://www.msn.co.uk/newsletters --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- www.ruchith.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
