Quantcast

how to select ws-security.username.sct *and* password from callback?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

how to select ws-security.username.sct *and* password from callback?

Markus Schulz
Hello,

I need a jaxws-Client with a "SecureConversationToken" policy
(configured in the wsdl).
I've configued the client like: (cxf.xml)

<jaxws:client name="{http://www.bipro.net/namespace}LebenVertragService"
createdFromAPI="true">
  <jaxws:properties>
    <entry key="ws-security.sts.client" value-ref="stsClient"/>
    <!-- properties for the SecureConversationToken bootstrap policy -->
    <!--<entry key="ws-security.username.sct"
value="#{systemProperties['sts.login1']}"/>-->
    <!--<entry key="ws-security.password.sct"
value="#{systemProperties['sts.password1']}"/>-->
    <entry key="ws-security.callback-handler.sct" value-
ref="cxfClientPasswordCallback"/>
  </jaxws:properties>
</jaxws:client>

<bean id="stsClient"
class="org.intentus.esb.afa.soap.CustomSOAPActionSTSClient">
  <constructor-arg ref="cxf"/>
  ...
</bean>

But i need to call the same client twice, with different
username/password combination for the token service.
How can i do this?
In the callback-handler i cannot change the "Identifier" (with
setIdentifier), only the password can be selected dynamically.
Additional i need to "reset" the last obtained token before calling with
other credentials (cached in Endpoint until token is expired).

The client was called from a switchyard reference (not java).

One solution i've thought about: duplicate the port in the wsdl (with
same porttype) and then i'm forced to duplicate the jaxws:client
definition too and can use different username/passwords settings.
But this way i need to duplicate the switchyard (soap) references too,
which i'm trying to prevent.

Any other suggestions?

regards,
msc



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to select ws-security.username.sct *and* password from callback?

coheigea
Administrator
Probably the simplest way is just to remove your username configuration
from the STS client in spring and specify it in code via e.g.:

((BindingProvider)port).getRequestContext().put("security.username",
"alice");

Colm.

On Mon, Apr 24, 2017 at 2:46 PM, Markus Schulz <[hidden email]> wrote:

> Hello,
>
> I need a jaxws-Client with a "SecureConversationToken" policy
> (configured in the wsdl).
> I've configued the client like: (cxf.xml)
>
> <jaxws:client name="{http://www.bipro.net/namespace}LebenVertragService"
> createdFromAPI="true">
>   <jaxws:properties>
>     <entry key="ws-security.sts.client" value-ref="stsClient"/>
>     <!-- properties for the SecureConversationToken bootstrap policy -->
>     <!--<entry key="ws-security.username.sct"
> value="#{systemProperties['sts.login1']}"/>-->
>     <!--<entry key="ws-security.password.sct"
> value="#{systemProperties['sts.password1']}"/>-->
>     <entry key="ws-security.callback-handler.sct" value-
> ref="cxfClientPasswordCallback"/>
>   </jaxws:properties>
> </jaxws:client>
>
> <bean id="stsClient"
> class="org.intentus.esb.afa.soap.CustomSOAPActionSTSClient">
>   <constructor-arg ref="cxf"/>
>   ...
> </bean>
>
> But i need to call the same client twice, with different
> username/password combination for the token service.
> How can i do this?
> In the callback-handler i cannot change the "Identifier" (with
> setIdentifier), only the password can be selected dynamically.
> Additional i need to "reset" the last obtained token before calling with
> other credentials (cached in Endpoint until token is expired).
>
> The client was called from a switchyard reference (not java).
>
> One solution i've thought about: duplicate the port in the wsdl (with
> same porttype) and then i'm forced to duplicate the jaxws:client
> definition too and can use different username/passwords settings.
> But this way i need to duplicate the switchyard (soap) references too,
> which i'm trying to prevent.
>
> Any other suggestions?
>
> regards,
> msc
>
>
>
>


--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
Loading...