You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by CauchyPeano <de...@gmail.com> on 2020/01/15 12:46:54 UTC
Custom validation of Security Context Token
Hello
I am wondering what is the right way to configure validation for Security
Context Token.
I have a following token:
<soapenv:Header>
<wsse:Security>
<wsc:SecurityContextToken>
<wsc:Identifier>bipro:up.JsKkyMqC5E5PyWencTY7AZbAMSBM8C</wsc:Identifier>
</wsc:SecurityContextToken>
</wsse:Security>
</soapenv:Header>
I need just to check on other service if this token is valid or not. I am
trying to understand where and how to write this code. I am implementing
following interface: org.apache.wss4j.dom.validate.Validator
So far I have following questions:
1. What do I need to set in Validator.validate in Credential result object
to indicate that validation was successful or not?
2. How do I access Credential data from my Cxf Service Endpoint
Implementation?
Thanks in advance
Igor
--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
Re: Custom validation of Security Context Token
Posted by Colm O hEigeartaigh <co...@apache.org>.
Answers inline.
> 1. What do I need to set in Validator.validate in Credential result object
> to indicate that validation was successful or not?
>
Validation is deemed to be successful if there is a valid Credential object
returned, and no exception is thrown.
> 2. How do I access Credential data from my Cxf Service Endpoint
> Implementation?
>
The SecurityContextToken is validated here:
https://github.com/apache/ws-wss4j/blob/a85fd33f2d41f92edabb1d629946a87f524d7fd7/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
It stores the DOM Element corresponding to the SecurityContextToken, the
token Id, and a secret key associated with the token in a
WSSecurityEngineResult,
which can be accessed by CXF down the line.
Colm.
>
> Thanks in advance
> Igor
>
>
>
> --
> Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
>