Posted to users@cxf.apache.org by Sde <de...@gmail.com> on 2015/06/14 18:14:57 UTC

Unable to get operation name in WSS4JInInterceptor

Hello,
I am trying to implement WS-Security by overriding WSS4JInInterceptor and
get the username, password and the operation as consumer will be given
access by operation. The services had no security earlier, so we want to
make it optional till all the consumers are migrated. I am using Spring and
CXF 2.3.4.

1. I am not able to read the operation name, from the SoapMessage in
handleMessage(). I think the only way I have is to parse the InputStream. Is
this the right way?
2. Is there a better way to achieve my use case?

Thanks!




Re: Unable to get operation name in WSS4JInInterceptor

Posted by Daniel Kulp <dk...@apache.org>.
> On Jun 14, 2015, at 12:14 PM, Sde <de...@gmail.com> wrote:
> 
> Hello,
> I am trying to implement WS-Security by overriding WSS4JInInterceptor and
> get the username, password and the operation as consumer will be given
> access by operation. The services had no security earlier, so we want to
> make it optional till all the consumers are migrated. I am using Spring and
> CXF 2.3.4.
> 
> 1. I am not able to read the operation name, from the SoapMessage in
> handleMessage(). I think the only way I have is to parse the InputStream. Is
> this the right way?
> 2. Is there a better way to achieve my use case?
> 
> Thanks!

During the normal processing that occurs in the WSS4JInInterceptors, we would have no way of determining which operation is being called. For example, if the body is encrypted, there really is no way to determine the operation. Looking at the body wouldn’t help at all.

If it’s an access control, the best option is an interceptor that runs after the WSS4J stuff and looks at the principal stored on the message to determine the access rights.

-- 
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
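
An added example, not code from this thread or from the CXF project, of the approach in the reply above: an interceptor that runs after WSS4JInInterceptor, reads the resolved operation from the exchange and the principal from the message, and decides access per operation. The class name, the permission map and the `requireAuthentication` flag are hypothetical; it assumes the WSS4J processing has placed a `SecurityContext` carrying the authenticated principal on the message.

```java
import java.security.Principal;
import java.util.Map;
import java.util.Set;

import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.service.model.BindingOperationInfo;

// Hypothetical class. PRE_INVOKE comes after PRE_PROTOCOL (where WSS4JInInterceptor
// runs) and after the body has been processed, so the operation is already resolved.
public class OperationAccessInterceptor extends AbstractPhaseInterceptor<SoapMessage> {

    // Operation local name -> user names allowed to call it (assumed configuration).
    private final Map<String, Set<String>> allowedUsersByOperation;
    // Set to false only while consumers are still migrating to WS-Security.
    private final boolean requireAuthentication;

    public OperationAccessInterceptor(Map<String, Set<String>> allowedUsersByOperation,
                                      boolean requireAuthentication) {
        super(Phase.PRE_INVOKE);
        this.allowedUsersByOperation = allowedUsersByOperation;
        this.requireAuthentication = requireAuthentication;
    }

    @Override
    public void handleMessage(SoapMessage message) throws Fault {
        BindingOperationInfo boi = message.getExchange().get(BindingOperationInfo.class);
        if (boi == null) { // fail closed if the operation is unknown
            throw new Fault(new SecurityException("Operation could not be resolved"));
        }
        String operation = boi.getName().getLocalPart();

        SecurityContext sc = message.get(SecurityContext.class);
        Principal principal = (sc == null) ? null : sc.getUserPrincipal();
        if (principal == null) {
            if (requireAuthentication) {
                throw new Fault(new SecurityException("Authentication required for " + operation));
            }
            return; // migration period: unauthenticated callers are still let through
        }
        Set<String> allowed = allowedUsersByOperation.get(operation);
        if (allowed == null || !allowed.contains(principal.getName())) { // default deny
            throw new Fault(new SecurityException(
                principal.getName() + " is not permitted to call " + operation));
        }
    }
}
```

While `requireAuthentication` is false, a caller that sends no credentials reaches every operation, so the per-operation rules only constrain consumers that have already migrated.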