You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ode.apache.org by Eduardo Burgos <eb...@gmail.com> on 2007/06/28 22:20:25 UTC

jbi binding authentication question

Hi,

I have a bpel endpoint deployed, it currently invokes a web service that is
in a jsr181 serviceunit using the internal jbi binding (I'm using servicemix
3.2-incubating-SNAPSHOT) , the problem is: How can I set a username/password
for that invoke (using jbi binding)?
I need that in OdeConsumer class, before line 140 ( this line: boolean
sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); ) to be able
to set the securitySubject to the nmsg message ( nmsg.setSecuritySubject(
... ) ) so that it authenticates when the message arrives the destination
jsr181 endpoint. The username/password could be specified at the time you
define your partnerlinks in deploy.xml or even if it propagates from
securitySubject from the normalizedMessage that activated the process.
Either one works for me. Is this possible at the moment?

Thanks in advance,

Eduardo Burgos

Re: jbi binding authentication question

Posted by Alex Boisvert <bo...@intalio.com>.

On 8/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
>
> Regarding this thread. I tried that solution by adding a
> ode-jbi.mex.interceptors=com.test.myclass but those events never trigger,
> at
> least they dont trigger before calling the external jsr181 serviceunit.
> What
> was the other workaround that you suggested? how can I hack JBI
> Integration
> layer + bpel_dd?



Do you see INFO messages about your interceptors being registered during
startup?   Does your class get instantiated?

alex

Re: jbi binding authentication question

Posted by Eduardo Burgos <eb...@gmail.com>.

Hi Alex,

Regarding this thread. I tried that solution by adding a
ode-jbi.mex.interceptors=com.test.myclass but those events never trigger, at
least they dont trigger before calling the external jsr181 serviceunit. What
was the other workaround that you suggested? how can I hack JBI Integration
layer + bpel_dd?



On 7/1/07, Alex Boisvert <bo...@intalio.com> wrote:
>
> Added in -trunk r552392.
>
> You can register your own message exchange interceptors by adding this
> property in ode-axis2.properties:
>
> ode-axis2.mex.interceptors=com.example.MyInterceptor
> ;com.example.AnotherInterceptor
>
> (and similarly for ode-jbi.properties, with the "ode-jbi" property prefix)
>
> alex
>
>
> On 7/1/07, Alex Boisvert <bo...@intalio.com> wrote:
> >
> > doesn't look like the interceptors are registered (via configuration)
> > right now.   i'll get on that.
> >
> > On 6/29/07, Eduardo Burgos < eburgos@gmail.com> wrote:
> > >
> > > oh, very nice. How do I use this interceptor? is there any docs?
> > >
> > >
> > >
> > > On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
> > > >
> > > > Actually, you might also consider using a
> > > > MessageExchangeInterceptor<
> > > >
> http://svn.apache.org/repos/asf/incubator/ode/trunk/bpel-runtime/src/main/java/org/apache/ode/bpel/intercept/MessageExchangeInterceptor.java
> > >
> > > > >if
> > > > you're not passing the credentials via message data.
> > > >
> > > > alex
> > > >
> > > >
> > > > On 6/28/07, Alex Boisvert <boisvert@intalio.com > wrote:
> > > > >
> > > > > Hi Eduardo,
> > > > >
> > > > > It's possible if you're willing to hack the JBI integration layer
> +
> > > > > bpel_dd and glue things together.  There's little infrastructure
> > > support
> > > > for
> > > > > security right now... Perhaps an easier alternative is to write a
> > > custom
> > > > > message mapper to set the credentials on the normalized message,
> and
> > > > pass
> > > > > the credentials using either special message parts or somehow
> inject
> > >
> > > > > configuration into your message mapper.
> > > > >
> > > > > alex
> > > > >
> > > > >
> > > > > On 6/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > I have a bpel endpoint deployed, it currently invokes a web
> > > service
> > > > that
> > > > > > is
> > > > > > in a jsr181 serviceunit using the internal jbi binding (I'm
> using
> > > > > > servicemix
> > > > > > 3.2-incubating-SNAPSHOT) , the problem is: How can I set a
> > > > > > username/password
> > > > > > for that invoke (using jbi binding)?
> > > > > > I need that in OdeConsumer class, before line 140 ( this line:
> > > boolean
> > > > > > sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); )
> to
> > > be
> > > > > > able
> > > > > > to set the securitySubject to the nmsg message (
> > > > nmsg.setSecuritySubject
> > > > > > (
> > > > > > ... ) ) so that it authenticates when the message arrives the
> > > > > > destination
> > > > > > jsr181 endpoint. The username/password could be specified at the
> > > time
> > > > > > you
> > > > > > define your partnerlinks in deploy.xml or even if it propagates
> > > from
> > > > > > securitySubject from the normalizedMessage that activated the
> > > process.
> > > > > > Either one works for me. Is this possible at the moment?
> > > > > >
> > > > > > Thanks in advance,
> > > > > >
> > > > > > Eduardo Burgos
> > > > > >
> > > > >
> > > > >
> > > >
> > >
> >
> >
>

Re: jbi binding authentication question

Posted by Alex Boisvert <bo...@intalio.com>.

Added in -trunk r552392.

You can register your own message exchange interceptors by adding this
property in ode-axis2.properties:

ode-axis2.mex.interceptors=com.example.MyInterceptor
;com.example.AnotherInterceptor

(and similarly for ode-jbi.properties, with the "ode-jbi" property prefix)

alex


On 7/1/07, Alex Boisvert <bo...@intalio.com> wrote:
>
> doesn't look like the interceptors are registered (via configuration)
> right now.   i'll get on that.
>
> On 6/29/07, Eduardo Burgos < eburgos@gmail.com> wrote:
> >
> > oh, very nice. How do I use this interceptor? is there any docs?
> >
> >
> >
> > On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
> > >
> > > Actually, you might also consider using a
> > > MessageExchangeInterceptor<
> > > http://svn.apache.org/repos/asf/incubator/ode/trunk/bpel-runtime/src/main/java/org/apache/ode/bpel/intercept/MessageExchangeInterceptor.java
> >
> > > >if
> > > you're not passing the credentials via message data.
> > >
> > > alex
> > >
> > >
> > > On 6/28/07, Alex Boisvert <boisvert@intalio.com > wrote:
> > > >
> > > > Hi Eduardo,
> > > >
> > > > It's possible if you're willing to hack the JBI integration layer +
> > > > bpel_dd and glue things together.  There's little infrastructure
> > support
> > > for
> > > > security right now... Perhaps an easier alternative is to write a
> > custom
> > > > message mapper to set the credentials on the normalized message, and
> > > pass
> > > > the credentials using either special message parts or somehow inject
> >
> > > > configuration into your message mapper.
> > > >
> > > > alex
> > > >
> > > >
> > > > On 6/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
> > > > >
> > > > > Hi,
> > > > >
> > > > > I have a bpel endpoint deployed, it currently invokes a web
> > service
> > > that
> > > > > is
> > > > > in a jsr181 serviceunit using the internal jbi binding (I'm using
> > > > > servicemix
> > > > > 3.2-incubating-SNAPSHOT) , the problem is: How can I set a
> > > > > username/password
> > > > > for that invoke (using jbi binding)?
> > > > > I need that in OdeConsumer class, before line 140 ( this line:
> > boolean
> > > > > sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); ) to
> > be
> > > > > able
> > > > > to set the securitySubject to the nmsg message (
> > > nmsg.setSecuritySubject
> > > > > (
> > > > > ... ) ) so that it authenticates when the message arrives the
> > > > > destination
> > > > > jsr181 endpoint. The username/password could be specified at the
> > time
> > > > > you
> > > > > define your partnerlinks in deploy.xml or even if it propagates
> > from
> > > > > securitySubject from the normalizedMessage that activated the
> > process.
> > > > > Either one works for me. Is this possible at the moment?
> > > > >
> > > > > Thanks in advance,
> > > > >
> > > > > Eduardo Burgos
> > > > >
> > > >
> > > >
> > >
> >
>
>

Re: jbi binding authentication question

Posted by Alex Boisvert <bo...@intalio.com>.

doesn't look like the interceptors are registered (via configuration) right
now.   i'll get on that.

On 6/29/07, Eduardo Burgos <eb...@gmail.com> wrote:
>
> oh, very nice. How do I use this interceptor? is there any docs?
>
>
>
> On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
> >
> > Actually, you might also consider using a
> > MessageExchangeInterceptor<
> >
> http://svn.apache.org/repos/asf/incubator/ode/trunk/bpel-runtime/src/main/java/org/apache/ode/bpel/intercept/MessageExchangeInterceptor.java
> > >if
> > you're not passing the credentials via message data.
> >
> > alex
> >
> >
> > On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
> > >
> > > Hi Eduardo,
> > >
> > > It's possible if you're willing to hack the JBI integration layer +
> > > bpel_dd and glue things together.  There's little infrastructure
> support
> > for
> > > security right now... Perhaps an easier alternative is to write a
> custom
> > > message mapper to set the credentials on the normalized message, and
> > pass
> > > the credentials using either special message parts or somehow inject
> > > configuration into your message mapper.
> > >
> > > alex
> > >
> > >
> > > On 6/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
> > > >
> > > > Hi,
> > > >
> > > > I have a bpel endpoint deployed, it currently invokes a web service
> > that
> > > > is
> > > > in a jsr181 serviceunit using the internal jbi binding (I'm using
> > > > servicemix
> > > > 3.2-incubating-SNAPSHOT) , the problem is: How can I set a
> > > > username/password
> > > > for that invoke (using jbi binding)?
> > > > I need that in OdeConsumer class, before line 140 ( this line:
> boolean
> > > > sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); ) to
> be
> > > > able
> > > > to set the securitySubject to the nmsg message (
> > nmsg.setSecuritySubject
> > > > (
> > > > ... ) ) so that it authenticates when the message arrives the
> > > > destination
> > > > jsr181 endpoint. The username/password could be specified at the
> time
> > > > you
> > > > define your partnerlinks in deploy.xml or even if it propagates from
> > > > securitySubject from the normalizedMessage that activated the
> process.
> > > > Either one works for me. Is this possible at the moment?
> > > >
> > > > Thanks in advance,
> > > >
> > > > Eduardo Burgos
> > > >
> > >
> > >
> >
>

Re: jbi binding authentication question

Posted by Eduardo Burgos <eb...@gmail.com>.

oh, very nice. How do I use this interceptor? is there any docs?



On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
>
> Actually, you might also consider using a
> MessageExchangeInterceptor<
> http://svn.apache.org/repos/asf/incubator/ode/trunk/bpel-runtime/src/main/java/org/apache/ode/bpel/intercept/MessageExchangeInterceptor.java
> >if
> you're not passing the credentials via message data.
>
> alex
>
>
> On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
> >
> > Hi Eduardo,
> >
> > It's possible if you're willing to hack the JBI integration layer +
> > bpel_dd and glue things together.  There's little infrastructure support
> for
> > security right now... Perhaps an easier alternative is to write a custom
> > message mapper to set the credentials on the normalized message, and
> pass
> > the credentials using either special message parts or somehow inject
> > configuration into your message mapper.
> >
> > alex
> >
> >
> > On 6/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
> > >
> > > Hi,
> > >
> > > I have a bpel endpoint deployed, it currently invokes a web service
> that
> > > is
> > > in a jsr181 serviceunit using the internal jbi binding (I'm using
> > > servicemix
> > > 3.2-incubating-SNAPSHOT) , the problem is: How can I set a
> > > username/password
> > > for that invoke (using jbi binding)?
> > > I need that in OdeConsumer class, before line 140 ( this line: boolean
> > > sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); ) to be
> > > able
> > > to set the securitySubject to the nmsg message (
> nmsg.setSecuritySubject
> > > (
> > > ... ) ) so that it authenticates when the message arrives the
> > > destination
> > > jsr181 endpoint. The username/password could be specified at the time
> > > you
> > > define your partnerlinks in deploy.xml or even if it propagates from
> > > securitySubject from the normalizedMessage that activated the process.
> > > Either one works for me. Is this possible at the moment?
> > >
> > > Thanks in advance,
> > >
> > > Eduardo Burgos
> > >
> >
> >
>

Re: jbi binding authentication question

Posted by Alex Boisvert <bo...@intalio.com>.

Actually, you might also consider using a
MessageExchangeInterceptor<http://svn.apache.org/repos/asf/incubator/ode/trunk/bpel-runtime/src/main/java/org/apache/ode/bpel/intercept/MessageExchangeInterceptor.java>if
you're not passing the credentials via message data.

alex


On 6/28/07, Alex Boisvert <bo...@intalio.com> wrote:
>
> Hi Eduardo,
>
> It's possible if you're willing to hack the JBI integration layer +
> bpel_dd and glue things together.  There's little infrastructure support for
> security right now... Perhaps an easier alternative is to write a custom
> message mapper to set the credentials on the normalized message, and pass
> the credentials using either special message parts or somehow inject
> configuration into your message mapper.
>
> alex
>
>
> On 6/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
> >
> > Hi,
> >
> > I have a bpel endpoint deployed, it currently invokes a web service that
> > is
> > in a jsr181 serviceunit using the internal jbi binding (I'm using
> > servicemix
> > 3.2-incubating-SNAPSHOT) , the problem is: How can I set a
> > username/password
> > for that invoke (using jbi binding)?
> > I need that in OdeConsumer class, before line 140 ( this line: boolean
> > sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); ) to be
> > able
> > to set the securitySubject to the nmsg message ( nmsg.setSecuritySubject
> > (
> > ... ) ) so that it authenticates when the message arrives the
> > destination
> > jsr181 endpoint. The username/password could be specified at the time
> > you
> > define your partnerlinks in deploy.xml or even if it propagates from
> > securitySubject from the normalizedMessage that activated the process.
> > Either one works for me. Is this possible at the moment?
> >
> > Thanks in advance,
> >
> > Eduardo Burgos
> >
>
>

Re: jbi binding authentication question

Posted by Alex Boisvert <bo...@intalio.com>.

Hi Eduardo,

It's possible if you're willing to hack the JBI integration layer + bpel_dd
and glue things together.  There's little infrastructure support for
security right now... Perhaps an easier alternative is to write a custom
message mapper to set the credentials on the normalized message, and pass
the credentials using either special message parts or somehow inject
configuration into your message mapper.

alex


On 6/28/07, Eduardo Burgos <eb...@gmail.com> wrote:
>
> Hi,
>
> I have a bpel endpoint deployed, it currently invokes a web service that
> is
> in a jsr181 serviceunit using the internal jbi binding (I'm using
> servicemix
> 3.2-incubating-SNAPSHOT) , the problem is: How can I set a
> username/password
> for that invoke (using jbi binding)?
> I need that in OdeConsumer class, before line 140 ( this line: boolean
> sendOk = _ode.getChannel().sendSync(inout, _sendSyncTimeout); ) to be able
> to set the securitySubject to the nmsg message ( nmsg.setSecuritySubject(
> ... ) ) so that it authenticates when the message arrives the destination
> jsr181 endpoint. The username/password could be specified at the time you
> define your partnerlinks in deploy.xml or even if it propagates from
> securitySubject from the normalizedMessage that activated the process.
> Either one works for me. Is this possible at the moment?
>
> Thanks in advance,
>
> Eduardo Burgos
>