CODEWITHSUNDEEP
apache-axisrampartwsse
SJuan76
SJuan76

Reputation: 24780

Rampart: Define password without using CallbackHandler

I have the following working code, that successfully connects to a WS using WSSecurity with UsernameToken authentication:

public void addValidation(
    Stub stub) throws Exception {

    ServiceClient serviceClient = stub._getServiceClient();

    serviceClient.engageModule("rampart");
    Options options = serviceClient.getOptions();
    options.setProperty(
        WSSHandlerConstants.OUTFLOW_SECURITY,
        getOutflowConfiguration());
    serviceClient.setOptions(options);
}

private Parameter getOutflowConfiguration() {

    OutflowConfiguration outflowConfiguration =
        new OutflowConfiguration();
    outflowConfiguration.setActionItems(
        "UsernameToken");
    outflowConfiguration.setUser(
        this.username);
    outflowConfiguration.setPasswordType(
        "PasswordText");
    outflowConfiguration.setPasswordCallbackClass(
        "es.ssib.otic.inte_portafib.cliente_custodia_axis2.PWCBHandler");
    return
        outflowConfiguration.getProperty();
}

Now, since I want to pass the password programatically, I am trying to configure the password as a parameter, but it does not work.

I have tried replacing the "outflow configuration" with 

    options.setUserName(
        this.username);
    options.setPassword(
        this.password);

But those fields are ignored by Axis 2 completely.

I have tried using this example

public void addValidation(
    Stub stub) throws Exception {

    ServiceClient serviceClient =
        stub._getServiceClient();

    Options options = serviceClient.getOptions();
    options.setUserName(this.username);
    options.setPassword(this.password);
    options.setProperty(
        RampartMessageData.KEY_RAMPART_OUT_POLICY,
        loadPolicy());
    serviceClient.engageModule("rampart");
}

private Policy loadPolicy() throws XMLStreamException, IOException {
    InputStream resource = new FileInputStream([path to policy.xml]");  
    StAXOMBuilder builder = new StAXOMBuilder(resource);
    return PolicyEngine.getPolicy(builder.getDocumentElement());
}}

with this policy file

<wsp:Policy wsu:Id="UsernameToken" xmlns:wsu=
  "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <wsp:ExactlyOne>
    <wsp:All>
      <sp:SupportingTokens
         xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
      <wsp:Policy>
         <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/
             ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/>
       </wsp:Policy>
     </sp:SupportingTokens>
  </wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>

but it fails with the message:

Incorrect inclusion value: -1

I am using Rampart 1.5 with Axis2 1.4

UPDATE: I know how to make the CallbackHandler check a static constant, or to invoke some data object to get the password. But I do not want to do that.

Upvotes: 3

Views: 200

Answers (0)

Related Questions