WSS4J, CXF, & Custom Attributes to a Service

[Wes <wt...@gmail.com>]

Hello,
I hope you guys (and gals) can help. I've been fighting this for days.

I have a CXF service that implements Username Token profile security via the
WSS4J api. Everything works as expected. I'm using SoapUI to test the
service. I can set  an explicit username and password. Pass that data
through a class (WSSecurityInterceptor) that extends AbstractSoapInterceptor
where I can place a CallBack class that implements CallbackHandler and
validate the username/password I sent in from SOAPUI.

In my callback class, I will be integrating the authentication to an Access
Manager API provided by our portal implementation. I can do this also
without a problem. The problem comes in when.... once I authenticate the
user I have access to all the data from our backend ldap that I will need in
my service. I've been trying to figure out a way to decorate the incoming
SOAP request with this specific data and, once inside my service, retrieve
the data without double-tapping ldap.

I've tried adding SOAP Headers, but there isn't a context inside the handle
method of the CallbackHandler. There has got to be a way to do this that I'm
just flat out missing. What is the correct way to decorate the SOAP request
with additional data (provided during the actual authentication routine)
inside the implemented CallbackHandler class?

Any hints would be greatly appreciated.
Wes