You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by jasminadesai <ja...@yahoo.com> on 2014/08/12 03:47:25 UTC
cxf-rt-ws-security 2.2.1 works and 2.3.11 does not with the same
code
Hi,
I have a custom callbackhandler and custom userdetailsservice in my
application.
I use cxf-rt-ws-security 2.2.1
Here is snippet from my custom callbackhandler.
protected void handleWSPasswordCallback(WSPasswordCallback callback) {
String username = callback.getIdentifer(); //For 2.3.11 this changes
to getIdentifier
String password = callback.getPassword();
try {
String encPwd =
PasswordDigest.encryptAccountPassword(password);
UsernamePasswordAuthenticationToken token = new
UsernamePasswordAuthenticationToken(username, encPwd);
Authentication auth =
authenticationManager.authenticate(token);
SecurityContextHolder.getContext().setAuthentication(auth);
} catch (Exception e) {
throw new SecurityException("Authentication Failed.");
}
}
and here is a snippet from the custom userdetailsservice.
public UserDetails loadUserByUsername(String username) throws
UsernameNotFoundException, DataAccessException {
String accountId = accountMatcher.group (1);
Account account = serviceLocator.getAccountRepository ().lookupAccount (new
Long (accountId));
// Grant our base authorities.
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority> ();
authorities.add (new GrantedAuthorityImpl (ROLE_MERCHANT_ACCOUNT));
UserDetails userDetails = new User (username, account.getPassword(), true,
true, true, account.isStatusActive (), authorities.toArray (new
GrantedAuthority[authorities.size ()]));
return userDetails;
}
This code works perfectly fine with cxf version 2.2.1.
The moment I change the version to 2.3.11, it starts giving me "Bad
Credentials" exception.
Can someone please help me with this. If I debug the code in 2.3.11, the
UsernamePasswordAuthenticationToken password and the password is the db is
exactly the same. I still get "Bad Credentials".
Regards,
Jasmina
--
View this message in context: http://cxf.547215.n5.nabble.com/cxf-rt-ws-security-2-2-1-works-and-2-3-11-does-not-with-the-same-code-tp5747661.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: cxf-rt-ws-security 2.2.1 works and 2.3.11 does not with the same code
Posted by Colm O hEigeartaigh <co...@apache.org>.
CXF 2.2.x and 2.3.x are quite old and are no longer maintained. Could you
try updating to a more recent version of CXF?
Colm.
On Tue, Aug 12, 2014 at 2:47 AM, jasminadesai <ja...@yahoo.com>
wrote:
> Hi,
>
> I have a custom callbackhandler and custom userdetailsservice in my
> application.
>
> I use cxf-rt-ws-security 2.2.1
>
> Here is snippet from my custom callbackhandler.
>
> protected void handleWSPasswordCallback(WSPasswordCallback callback) {
> String username = callback.getIdentifer(); //For 2.3.11 this
> changes
> to getIdentifier
> String password = callback.getPassword();
> try {
> String encPwd =
> PasswordDigest.encryptAccountPassword(password);
> UsernamePasswordAuthenticationToken token = new
> UsernamePasswordAuthenticationToken(username, encPwd);
> Authentication auth =
> authenticationManager.authenticate(token);
> SecurityContextHolder.getContext().setAuthentication(auth);
> } catch (Exception e) {
> throw new SecurityException("Authentication Failed.");
> }
> }
>
> and here is a snippet from the custom userdetailsservice.
>
> public UserDetails loadUserByUsername(String username) throws
> UsernameNotFoundException, DataAccessException {
> String accountId = accountMatcher.group (1);
> Account account = serviceLocator.getAccountRepository
> ().lookupAccount (new
> Long (accountId));
>
> // Grant our base authorities.
> List<GrantedAuthority> authorities = new
> ArrayList<GrantedAuthority> ();
> authorities.add (new GrantedAuthorityImpl (ROLE_MERCHANT_ACCOUNT));
>
> UserDetails userDetails = new User (username,
> account.getPassword(), true,
> true, true, account.isStatusActive (), authorities.toArray (new
> GrantedAuthority[authorities.size ()]));
>
> return userDetails;
>
> }
>
> This code works perfectly fine with cxf version 2.2.1.
> The moment I change the version to 2.3.11, it starts giving me "Bad
> Credentials" exception.
>
> Can someone please help me with this. If I debug the code in 2.3.11, the
> UsernamePasswordAuthenticationToken password and the password is the db is
> exactly the same. I still get "Bad Credentials".
>
>
> Regards,
> Jasmina
>
>
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/cxf-rt-ws-security-2-2-1-works-and-2-3-11-does-not-with-the-same-code-tp5747661.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com