You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by meteora28 <s....@web.de> on 2011/07/04 13:57:36 UTC
Authorization for single web service operations? + Adding something
to SOAP header/message manually?
Currently I am doing the authorization for a whle service, as it was decribed
in the tutorial.
Is it possible to authorize only single operations with CXF?
Is it also possible to add something to the SOAP header/envelope manually?
Thank you!
--
View this message in context: http://cxf.547215.n5.nabble.com/Authorization-for-single-web-service-operations-Adding-something-to-SOAP-header-message-manually-tp4549777p4549777.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: How to transform from Source(Document) to CXF Message?
Posted by Sergey Beryozkin <sb...@gmail.com>.
Hi
On 25/08/11 03:19, XiLai Dai wrote:
> Thanks Sergey! But it didn't works after testing.
> Also tested with WrappedMessageContext:
>
> WrappedMessageContext wmc = (WrappedMessageContext)context.getMessageContext();
> Message msg = wmc.getWrappedMessage();
> CustomInfo customInfo = new CustomInfo();
> customInfo.putAll(...);
> msg.put(CustomInfo.class, customInfo);
>
> still not works. The CustomInfo can't be got from Interceptor.
>
It may be that no out message is created and thus the custom properties
are saved on the inbound message.
In you custom out interceptor try:
CustomInfo ci = (CustomInfo)outMessage.get(CustomInfo.class);
if (ci == null) {
ci =
(CustomInfo)outMessage.getExchange().getInMessage().get(CustomInfo.class);
}
Cheers, Sergey
>
> Regards.
> Xilai
> -----Original Message-----
> From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
> Sent: Wednesday, August 24, 2011 5:49 PM
> To: users@cxf.apache.org
> Subject: Re: How to transform from Source(Document) to CXF Message?
>
> Hi Xilai
>
> On Wed, Aug 24, 2011 at 2:44 AM, XiLai Dai<xl...@talend.com> wrote:
>> Hi, there,
>>
>> Now, we've implemented a Provide like this:
>>
>> @javax.xml.ws.ServiceMode(value = javax.xml.ws.Service.Mode.PAYLOAD)
>> @javax.xml.ws.WebServiceProvider()
>> public class ProviderBase implements javax.xml.ws.Provider<javax.xml.transform.Source> {
>>
>> //@javax.jws.WebMethod(exclude=true)
>> public final Source invoke(Source request) {
>> //how to transform request or return Source to Message, so we can add some custom properties class to it:
>> CustomInfo customInfo = new CustomInfo();
>> message.put (CustomInfo.class, customInfo);
>> }
>> }
>>
>> So, in the invoke() method, how to transform request or return Source to Message? so we can add some custom properties class to it, and then our Interceptor class can get them.
>>
>
> I think you need to inject WebServiceContext and then set a property
> on it, something like
> wsContext.getMessageContext().put(CustomInfo.class.getName(),
> customInfo);
>
> and then access it on the outbound CXF Message inside the interceptor...
>
> Cheers, Sergey
>
>
>> Thanks!
>> Xilai
>>
>
>
>
RE: How to transform from Source(Document) to CXF Message?
Posted by XiLai Dai <xl...@talend.com>.
Thanks Sergey! But it didn't works after testing.
Also tested with WrappedMessageContext:
WrappedMessageContext wmc = (WrappedMessageContext)context.getMessageContext();
Message msg = wmc.getWrappedMessage();
CustomInfo customInfo = new CustomInfo();
customInfo.putAll(...);
msg.put(CustomInfo.class, customInfo);
still not works. The CustomInfo can't be got from Interceptor.
Regards.
Xilai
-----Original Message-----
From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
Sent: Wednesday, August 24, 2011 5:49 PM
To: users@cxf.apache.org
Subject: Re: How to transform from Source(Document) to CXF Message?
Hi Xilai
On Wed, Aug 24, 2011 at 2:44 AM, XiLai Dai <xl...@talend.com> wrote:
> Hi, there,
>
> Now, we've implemented a Provide like this:
>
> @javax.xml.ws.ServiceMode(value = javax.xml.ws.Service.Mode.PAYLOAD)
> @javax.xml.ws.WebServiceProvider()
> public class ProviderBase implements javax.xml.ws.Provider<javax.xml.transform.Source> {
>
> //@javax.jws.WebMethod(exclude=true)
> public final Source invoke(Source request) {
> //how to transform request or return Source to Message, so we can add some custom properties class to it:
> CustomInfo customInfo = new CustomInfo();
> message.put (CustomInfo.class, customInfo);
> }
> }
>
> So, in the invoke() method, how to transform request or return Source to Message? so we can add some custom properties class to it, and then our Interceptor class can get them.
>
I think you need to inject WebServiceContext and then set a property
on it, something like
wsContext.getMessageContext().put(CustomInfo.class.getName(),
customInfo);
and then access it on the outbound CXF Message inside the interceptor...
Cheers, Sergey
> Thanks!
> Xilai
>
--
Sergey Beryozkin
http://sberyozkin.blogspot.com
Talend - http://www.talend.com
Re: How to transform from Source(Document) to CXF Message?
Posted by Sergey Beryozkin <sb...@gmail.com>.
Hi Xilai
On Wed, Aug 24, 2011 at 2:44 AM, XiLai Dai <xl...@talend.com> wrote:
> Hi, there,
>
> Now, we've implemented a Provide like this:
>
> @javax.xml.ws.ServiceMode(value = javax.xml.ws.Service.Mode.PAYLOAD)
> @javax.xml.ws.WebServiceProvider()
> public class ProviderBase implements javax.xml.ws.Provider<javax.xml.transform.Source> {
>
> //@javax.jws.WebMethod(exclude=true)
> public final Source invoke(Source request) {
> //how to transform request or return Source to Message, so we can add some custom properties class to it:
> CustomInfo customInfo = new CustomInfo();
> message.put (CustomInfo.class, customInfo);
> }
> }
>
> So, in the invoke() method, how to transform request or return Source to Message? so we can add some custom properties class to it, and then our Interceptor class can get them.
>
I think you need to inject WebServiceContext and then set a property
on it, something like
wsContext.getMessageContext().put(CustomInfo.class.getName(),
customInfo);
and then access it on the outbound CXF Message inside the interceptor...
Cheers, Sergey
> Thanks!
> Xilai
>
--
Sergey Beryozkin
http://sberyozkin.blogspot.com
Talend - http://www.talend.com
How to transform from Source(Document) to CXF Message?
Posted by XiLai Dai <xl...@talend.com>.
Hi, there,
Now, we've implemented a Provide like this:
@javax.xml.ws.ServiceMode(value = javax.xml.ws.Service.Mode.PAYLOAD)
@javax.xml.ws.WebServiceProvider()
public class ProviderBase implements javax.xml.ws.Provider<javax.xml.transform.Source> {
//@javax.jws.WebMethod(exclude=true)
public final Source invoke(Source request) {
//how to transform request or return Source to Message, so we can add some custom properties class to it:
CustomInfo customInfo = new CustomInfo();
message.put (CustomInfo.class, customInfo);
}
}
So, in the invoke() method, how to transform request or return Source to Message? so we can add some custom properties class to it, and then our Interceptor class can get them.
Thanks!
Xilai
Re: Authorization for single web service operations? + Adding something to SOAP header/message manually?
Posted by Daniel Kulp <dk...@apache.org>.
On Tuesday, August 23, 2011 2:26:32 AM meteora28 wrote:
> doing it this way, (post above) the whole service is affected.
> how can I "activate/deactivate" the auth for a single method in this
> service? otherwise I am not able to execute this method.
Really, I think the only way to do this would be by using WS-SecurityPolicy
and marking the usernameToken stuff as optional. That would allow the WSS4J
stuff to process it if it's there, or ignore it if it's not.
Then you would need a separate interceptor that would check the message to see
if it DID process a username and map that to the operation to see if it's
allowed or not.
Dan
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Authorization-for-single-web-service-operat
> ions-Adding-something-to-SOAP-header-message-manually-tp4549777p4726106.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Talend - http://www.talend.com
Re: Authorization for single web service operations? + Adding
something to SOAP header/message manually?
Posted by meteora28 <s....@web.de>.
doing it this way, (post above) the whole service is affected.
how can I "activate/deactivate" the auth for a single method in this
service? otherwise I am not able to execute this method.
--
View this message in context: http://cxf.547215.n5.nabble.com/Authorization-for-single-web-service-operations-Adding-something-to-SOAP-header-message-manually-tp4549777p4726106.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Authorization for single web service operations? + Adding
something to SOAP header/message manually?
Posted by meteora28 <s....@web.de>.
Thank you for your answer.
Authorization, I am doing this way:
...
factory.setServiceClass(Service.class);
factory.setAddress(serviceAddress);
Service service = this.factory.create(Service.class);
Client client = ClientProxy.getClient(device);
Endpoint endpoint = client.getEndpoint();
Map<String, Object> properties = new HashMap<String,
Object>();
properties.put(WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN);
properties.put(WSHandlerConstants.USER, x.getUsername());
properties.put(WSHandlerConstants.PASSWORD_TYPE,
x.getPasswordType());
properties.put(WSHandlerConstants.PW_CALLBACK_CLASS,
AuthService.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(properties);
endpoint.getOutInterceptors().add(wssOut);
...
This authorizes every method for the service Service. How to use this for
single operations? or de-/activate the authorization for a single method?
--
View this message in context: http://cxf.547215.n5.nabble.com/Authorization-for-single-web-service-operations-Adding-something-to-SOAP-header-message-manually-tp4549777p4560140.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Authorization for single web service operations? + Adding something to SOAP header/message manually?
Posted by Daniel Kulp <dk...@apache.org>.
On Monday, July 04, 2011 4:57:36 AM meteora28 wrote:
> Currently I am doing the authorization for a whle service, as it was
> decribed in the tutorial.
> Is it possible to authorize only single operations with CXF?
Sure. Depends on how you are doing it. I'm not sure which of the tutorials you are referring to.
> Is it also possible to add something to the SOAP header/envelope manually?
http://cxf.apache.org/faq.html#FAQ-HowcanIaddsoapheaderstotherequest%2Fresponse%3F
Dan
>
> Thank you!
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Authorization-for-single-web-service-operat
> ions-Adding-something-to-SOAP-header-message-manually-tp4549777p4549777.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Talend - http://www.talend.com