Ok thanks for that. As i really needed to access the signature holder in
the password callback handler I found the following (albeit rather hacky)
way of doing it if anyone is interested:
public void handle(Callback[] callbacks) throws UnsupportedCallbackException
{
for (int i = 0; i < callbacks.length; i++)
{
if (callbacks[i] instanceof WSPasswordCallback)
{
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
String username = null;
try
{
// Extract the client's public key from the soap header
MessageContext mc = MessageContext.getCurrentContext();
String header = mc.getCurrentMessage().getSOAPHeader()
.toString();
// Search through the header to find where the key is
header = header.substring(header
.indexOf("<wsse:BinarySecurityToken"), header
.indexOf("</wsse:BinarySecurityToken>"));
String key = header.substring(header.indexOf('>') + 1);
// Create a X509 certificate containing the client's data
that was just extracted
ByteArrayInputStream bis = new ByteArrayInputStream(
("-----BEGIN CERTIFICATE-----\n" + key + "\n-----END
CERTIFICATE-----")
.getBytes());
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) cf
.generateCertificate(bis);
username = cert.getSubjectX500Principal().getName();
// Remove the "cn=" part
username = username.substring(3);
bis.close();
} catch (Exception ex)
From: "Ruchith Fernando" <[EMAIL PROTECTED]>
To: "Dave Bagguley" <[EMAIL PROTECTED]>
CC: [email protected]
Subject: Re: Retrieving the user's alias from a signature
Date: Mon, 6 Nov 2006 17:15:44 +0530
Yep .. its not available at the callback handler ... the callback
handler is called while within the security handler. And security
results are available only after the security handler
(WSDoAllreceiver) returns.
thanks,
Ruchith
On 11/6/06, Dave Bagguley <[EMAIL PROTECTED]> wrote:
I can get the code from the FAQ to work when I put it in my service
implementation but not when I put it in the password callback class where
I
need it.
>From: "Dave Bagguley" <[EMAIL PROTECTED]>
>To: [email protected]
>Subject: Re: Retrieving the user's alias from a signature
>Date: Mon, 06 Nov 2006 09:55:13 +0000
>
>Yes I think I've set up the security handlers properly at the service
>because the encrypted message gets sent to the service and the service's
>password callback sets the password and the client recieves the correct
>message back from the service.
>
>Below is my server config:
>declare namespace wsdd="http://xml.apache.org/axis/wsdd/";;
>
><deployment
> xmlns="http://xml.apache.org/axis/wsdd/";
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
>
><globalConfiguration>
> <parameter name="sendXsiTypes" value="true"/>
> <parameter name="sendMultiRefs" value="true"/>
> <parameter name="sendXMLDeclaration" value="true"/>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"
>name="withutandsig">
> <parameter name="passwordCallbackClass"
> value="com.exampleService3.security.PWCallback2"/>
> <parameter name="action" value="Encrypt Signature"/>
> <parameter name="signaturePropFile" value="crypto.properties" />
> <parameter name="decryptionPropFile" value="crypto.properties" />
> </handler>
> </requestFlow>
></globalConfiguration>
><handler name="LocalResponder"
>type="java:org.apache.axis.transport.local.LocalResponder"/>
><handler name="URLMapper"
>type="java:org.apache.axis.handlers.http.URLMapper"/>
><handler name="Authenticate"
>type="java:org.apache.axis.handlers.SimpleAuthenticationHandler"/>
>
> {doc("deploy.wsdd")/wsdd:deployment/wsdd:service}
>
> <transport name="http">
> <requestFlow>
> <handler type="URLMapper"/>
> <handler
type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
> </requestFlow>
> </transport>
> <transport name="local">
> <responseFlow>
> <handler type="LocalResponder"/>
> </responseFlow>
> </transport>
></deployment>
>
>My client config is:
><deployment
> xmlns="http://xml.apache.org/axis/wsdd/";
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
> <transport name="http"
>pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> <globalConfiguration>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender"
>e="DoSecuritySender">
> </handler>
> </requestFlow>
> </globalConfiguration>
></deployment>
>
>The line from the FAQ that causes the null pointer exception in my
password
>callback class is:
>Vector results = (Vector)
>msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
>
>When I use
>msgContext.getCurrentContext().getAllPropertyNames(); the following list
of
>property names is returned, as you can see RECV_RESULTS is not in the
list.
>home.dir
>wsdlServiceElement
>jws.classDir
>configPath
>transport.url
>wsdlServicePort
>transport.http.servletPathInfo
>sendXsiTypes
>sendXMLDeclaration
>attachments.implementation
>allowedMethods
>remoteaddr
>path
>wsdlPortType
>realpath
>transport.http.servletLocation
>sendMultiRefs
>className
>adminPassword
>transport.http.servlet
>typeMappingVersion
>wsdlTargetNamespace
>servletEndpointContext
>attachments.Directory
>attachments.directory
>transport.http.servletResponse
>enableNamespacePrefixOptimization
>disablePrettyXML
>javax.xml.soap.character-set-encoding
>transport.http.servletRequest
>
>
>>From: "Ruchith Fernando" <[EMAIL PROTECTED]>
>>To: "Dave Bagguley" <[EMAIL PROTECTED]>
>>CC: [email protected]
>>Subject: Re: Retrieving the user's alias from a signature
>>Date: Sun, 5 Nov 2006 19:44:37 +0530
>>
>>Hi,
>>
>>Have you setup the security handlers properly at the service? If the
>>inflow security handler (WSDoAllReceiver) was invoked you will be able
>>to obtain the security processing results as mentioned in the WSS4J
>>FAQ.
>>
>>Thanks,
>>Ruchith
>>
>>On 11/3/06, Dave Bagguley <[EMAIL PROTECTED]> wrote:
>>>Hello,
>>>
>>>I am sending a signed and encrypted soap message to service and I am
>>>trying
>>>to extract the alias of the user from the signature contained in the
soap
>>>message. I want to do this in the password callback class of the
>>>service.
>>>From using TCPMonitor I can tell that the users certificate is
contained
>>>in
>>>the soap message but I don't know how to extract the alias name or any
>>>other
>>>information from it.
>>>
>>>I have tried using the technique mentioned in the WSS4J FAQ at
>>>http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#usernme but it
doesn't
>>>work as (Vector)
msgContext.getProperty(WSHandlerConstants.RECV_RESULTS)
>>>returns null.
>>>
>>>Any help would be greatly appreciated
>>>
>>>_________________________________________________________________
>>>Be the first to hear what's new at MSN - sign up to our free
newsletters!
>>>http://www.msn.co.uk/newsletters
>>>
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>
>>
>>--
>>www.ruchith.org
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>For additional commands, e-mail: [EMAIL PROTECTED]
>>
>
>_________________________________________________________________
>Windows LiveĀ Messenger has arrived. Click here to download it for free!
>http://imagine-msn.com/messenger/launch80/?locale=en-gb
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>
_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters!
http://www.msn.co.uk/newsletters
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
The new Windows Live Toolbar helps you guard against viruses
http://toolbar.live.com/?mkt=en-gb
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
