How to configure the SecurityProvider for the SimpleAuthenticationHandler?

[Jay Glanville <Ja...@naturalconvergence.com>]

Hello all.

What is the best way to configure the SecurityProvider for the
SimpleAuthenticationHandler?  I know that I need to set it in the
message context, and that it needs to be set before the SAH gets called.

One way I can think of is to create a handler that performs my
authentication by duplicating the SimpleAuthenticationHandler and
performing my own authentication.  But duplication of functionality
should always be avoided.

I can also conceive of a way where I make a handler chain, where the
first link in the chain is a service provider configuration handler
(where I set the service provider into the message context) and then
have the simple authentication handler be the next link.  However, this
feels awkward to me: any time that a configuration solution takes more
work then an incorrect solution (probably above) just discourages proper
usage.

I'm assuming that there is a way to declaratively configure the service
provider, either through the service-config.wsdd or through the
AxisServlet's init params.  Is this possible?

I've researched the mailing lists and gotten a couple of hits.
Unfortunately, none of the previous questions have ever been answered:
http://marc.theaimsgroup.com/?l=axis-user&m=102686051224514&w=2
http://marc.theaimsgroup.com/?l=axis-user&m=108180800721507&w=2
http://marc.theaimsgroup.com/?l=axis-user&m=109364005730437&w=2
(the dev list wasn't much help either)

So, what is the best way to configure the security provider for the
SimpleAuthenticationHandler?

Thanks

JDG
 
---
Jay Glanville