You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by catequil <br...@yahoo.com> on 2016/09/21 22:54:48 UTC

CxfEndpoint soap client usernametoken authentication

I am trying to access a soap service that requires that I athenticate with a
usernametoken in the security header.  Example desired outcome:



I can get the soap envelope part right with body, but the header with
security header alludes me.
Does anyone have a best practices for doing this in Camel?

Camel route below:


camel-config.xml below:





--
View this message in context: http://camel.465427.n5.nabble.com/CxfEndpoint-soap-client-usernametoken-authentication-tp5787910.html
Sent from the Camel - Users mailing list archive at Nabble.com.

RE: CxfEndpoint soap client usernametoken authentication

Posted by catequil <br...@yahoo.com>.
I looked at that article already.  It mainly talks about how to the digest
version, but I need to do the username plain text. Then I could not figure
out how to merge cxf-ws-security into the Camel route.  Also, I was hoping
that someone had already crossed this bridge and had a solution that was
already using Camel.  It seams that any headers I try to add manually get
stripped when using the MESSAGE DataFormat.  So I have tried using the POJO
and PAYLOAD DataFormats and then try and manipulate the header, but they are
so much more involved than to just manually adding the header as text. 
There has to be an easier and better way than going through the whole
process of creating an XML document from XML text and then adding it to the
header. It just seems such a kluge.  Any other thoughts on best practices
for doing this type of camel route accessing soap calls?



--
View this message in context: http://camel.465427.n5.nabble.com/CxfEndpoint-soap-client-usernametoken-authentication-tp5787910p5787939.html
Sent from the Camel - Users mailing list archive at Nabble.com.

RE: CxfEndpoint soap client usernametoken authentication

Posted by "Siano, Stephan" <st...@sap.com>.
You probably should have a look at
http://cxf.apache.org/docs/ws-security.html 

Best regards
Stephan

-----Original Message-----
From: catequil [mailto:bratnmw@yahoo.com] 
Sent: Donnerstag, 22. September 2016 00:55
To: users@camel.apache.org
Subject: CxfEndpoint soap client usernametoken authentication

I am trying to access a soap service that requires that I athenticate with a
usernametoken in the security header.  Example desired outcome:



I can get the soap envelope part right with body, but the header with
security header alludes me.
Does anyone have a best practices for doing this in Camel?

Camel route below:


camel-config.xml below:





--
View this message in context: http://camel.465427.n5.nabble.com/CxfEndpoint-soap-client-usernametoken-authentication-tp5787910.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: CxfEndpoint soap client usernametoken authentication

Posted by catequil <br...@yahoo.com>.
In step 1 you set 4 props.  Where would these props get set in the DSL?  or
can I somehow set them in the camel-config.xml as part of the cxfendpoint
element?  This part is a little vague to me.  I hope you can help?
Thanks!



--
View this message in context: http://camel.465427.n5.nabble.com/CxfEndpoint-soap-client-usernametoken-authentication-tp5787910p5788813.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: CxfEndpoint soap client usernametoken authentication

Posted by dmitriyC300 <dm...@gmail.com>.
There is a section on http://cxf.apache.org/docs/ws-security.html that
defines how to handle plain text username/password.

1. Add WSS4JOutInterceptor to you CXF endpoint out interceptors with
following configuration options:
props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
props.put(WSHandlerConstants.USER, username);
props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
props.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordHandler.class.getName());

2. Implement CallbackHandler interface to return password details
public class ClientPasswordCallback implements CallbackHandler {
 
    public void handle(Callback[] callbacks) throws IOException, 
        UnsupportedCallbackException {
 
        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
 
        // set the password for our message.
        pc.setPassword("password");
    }
 
}



--
View this message in context: http://camel.465427.n5.nabble.com/CxfEndpoint-soap-client-usernametoken-authentication-tp5787910p5788698.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: CxfEndpoint soap client usernametoken authentication

Posted by catequil <br...@yahoo.com>.
Just was wondering if anyone had thought about a solution to this issue yet?



--
View this message in context: http://camel.465427.n5.nabble.com/CxfEndpoint-soap-client-usernametoken-authentication-tp5787910p5788623.html
Sent from the Camel - Users mailing list archive at Nabble.com.