You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by jing <ta...@nceas.ucsb.edu> on 2011/08/23 18:53:48 UTC

Need help on rampart

Hi, everyone:

I am using UsernameToken Authentication policy in rampart to secure my 
axis 1.4 web service. Here is my call-back handler class on the service 
side:

public class PWHandler implements CallbackHandler {

     private String sessionID = null;
     public void handle (Callback[] callbacks) throws IOException, 
UnsupportedCallbackException {
         for (int i = 0; i < callbacks.length; i++) {
             if (callbacks[i] instanceof WSPasswordCallback) {

                 WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
                 String userName = pc.getIdentifer();
                 String password = pc.getPassword();
                 //System.out.println("the user name is "+userName);
                 //System.out.println("the user password is "+password);
                 AuthenticationInterface authenticator = null;
                 try {
                   authenticator = createAuthenticationInterfaceObject();
                   if(authenticator.authenticate(userName, password)) {
                     if(authenticator instanceof EcogridAuthentication) {
                       EcogridAuthentication ecogrid = 
(EcogridAuthentication) authenticator;
                       sessionID = ecogrid.getSessionID();
                     }
                     //System.out.println("before the return");
                     return;
                   }else {
                     throw new 
UnsupportedCallbackException(callbacks[i], "PWHandlerServer.handle - 
user "+userName+" can't be authenticated");
                   }
                 } catch(Exception e) {
                   throw new UnsupportedCallbackException(callbacks[i], 
"PWHandlerServer.handle - user "+userName+" can't be authenticated : 
"+e.getMessage());
                 }
             }
         }
     }

     /**
      * Get the sessionID from the authentication system
      * @return the sessionID. null will be return if no id was assigned
      */
     public String getSessionID() {
       return sessionID;
     }
}


You can see I have sessionID variable in this class. In my service 
implementation class, i have a method (operation) named execute(). The 
execute() needs to know the
sessionID which was assigned in PWHandler class before calling the 
method.  Is it possible to get the PWHandler instance in execute()? 
Thank you very much.

By the way, Thilina Mahesh Buddhika suggested me to use the policy in 
rampart for my previous issue - how to get username/password in the 
call-back handler class. It works well. I tried to sent that email to 
the mailing list, but failed. The message said my previous email has a 
high spam score. Weird.

Regards,

Jing

---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org