You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by Takashi Saruhashi <TS...@valueprice.eu> on 2008/05/26 10:50:58 UTC
[Axis2] How can I get Authentication information from WebService in AXIS2
Hello all,
Currently, I don't know how to get Authentication information (username) from WebService in AXIS2.
I set Authentication information to WebService Client like this,
===
// Define client to access to the Web Service.
ServiceClient sc = stub._getServiceClient();
// Engage modules for the authentication sc.engageModule("rampart");
// Set Options for authentication purpose.
Options options = sc.getOptions();
options.setUserName("Test");
options.setPassword("test");
===
Those Authentication information is sent to Password Callback Class from Client.
I think this one is using JAAS.
Is it possible to get Authentication information(username) from WebService in AXIS2??
If I'm right, in case of AXIS1, I can fetch the value using " SimpleAuthenticationHandler " like this,
===
org.apache.axis.handlers.SimpleAuthenticationHandler
public class SimpleAuthenticationHandler extends BasicHandler {
public void invoke(MessageContext msgContext) throws AxisFault {
SecurityProvider provider = (SecurityProvider)msgContext.getProperty("securityProvider");
if (provider != null) {
String userID = msgContext.getUsername();
if ( userID == null || userID.equals(""))
throw new AxisFault( "Server.Unauthenticated",........);
String passwd = msgContext.getPassword();
AuthenticatedUser authUser = provider.authenticate(msgContext);
if ( authUser == null)
throw new AxisFault( "Server.Unauthenticated",........);
msgContext.setProperty(MessageContext.AUTHUSER, authUser);
}
}
};
===
However, in case of AXIS2, I can't find any Class like this for fetching Authentication Information.
Does someone know the way to fetch Authentication information in AXIS2??
Any suggestions are quite appreciated.
May Tnanks
Takashi
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org
RE: [Axis2] How can I get Authentication information from WebService in AXIS2
Posted by Takashi Saruhashi <TS...@valueprice.eu>.
Hello Keith,
Thank you for replying to me again and again.
> But have you engaged a security policy to your service?
Yes, I did. I specified policy.xml file in Client side and pass those information to Auto-generated stub as Context.
Actually, I succeeded to get username by modifying the way you told me like this,
-----
// For getting customer name from the Authentication Context.
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
Vector<?> v = (Vector) msgCtx.getProperty(WSHandlerConstants.RECV_RESULTS);
WSHandlerResult result = (WSHandlerResult) v.get(0);
Vector<?> wsResults = result.getResults();
WSSecurityEngineResult ws = (WSSecurityEngineResult) wsResults.get(0);
String customerName = ws.getPrincipal().getName();
----
However, getPrinciple method marked as red character is deprecated method….
I want to avoid deprecated method if it’s possible…
Could you tell me why this method is already deprecated and teach me alternative way??
Best regards.
Takashi
________________________________________
From: keith chapman [mailto:keithgchapman@gmail.com]
Sent: Tuesday, May 27, 2008 4:28 PM
To: axis-dev@ws.apache.org
Subject: Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Hi Takashi,
But have you engaged a security policy to your service? The message flowing through Axis2 will be intercepted by rampart only if it has a security policy associated with it. And once Rampart intercepts the message yiu can get the result of it as I have stated.
Thanks,
Keith.
On Tue, May 27, 2008 at 4:25 PM, Takashi Saruhashi <TS...@valueprice.eu> wrote:
Hi Keith,
Thanks for replying again. Actually, I debugged and found out this part is null.
---
((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1))
---
As I already said in my first email, I set authentication information using ServiceClient from Client like this,
===
// Define client to access to the Web Service.
ServiceClient sc = stub._getServiceClient();
// Engage modules for the authentication sc.engageModule("rampart");
// Set Options for authentication purpose.
Options options = sc.getOptions();
options.setUserName("Test");
options.setPassword("test");
===
I need to change the way to set Authentication Information from Client side??
Many Thanks.
Takashi
________________________________________
From: keith chapman [mailto:keithgchapman@gmail.com]
Sent: Tuesday, May 27, 2008 11:34 AM
To: axis-dev@ws.apache.org
Subject: Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Hi Takashi,
The code I gave you is for Axis2 and not Axis1. This code will work for a service thats secured using username Token scenario. The code snippet I gave you was taken from [1] which is an admin service in the WSO2 Mashup Server which is secured using username token scenario.
Can you try debugging your service to check what exactly is null and also check weather your service is really secured using username token scenario (These results that we retrive in the service is set into the Message Context by Rampart when it processors the security header). Also this code applies for Axis2 1.4.
Thanks,
Keith.
[1] https://svn.wso2.org/repos/wso2/trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
On Tue, May 27, 2008 at 2:51 PM, Takashi Saruhashi <TS...@valueprice.eu> wrote:
Hello Keith,
Thanks for your reply!! I tried your way in your previous email.
However, it seems it doesn't work....
Is this really suitable for AXIS2 also?? I think the way you showed me is for AXIS1.
Could you tell me the web site describing how to fetch Authentication information if possible??
Instead of getting username, I got NPE....
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:194)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:98)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:120)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.NullPointerException
at services.PriceService.getPrice(PriceService.java:103)
... 31 more
________________________________________
From: keith chapman [mailto:keithgchapman@gmail.com]
Sent: Tuesday, May 27, 2008 4:10 AM
To: axis-dev@ws.apache.org
Subject: Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Hi Takashi,
You can get the username in this manner in your service.
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
Vector results = (Vector) msgCtx
.getProperty(WSHandlerConstants.RECV_RESULTS);
String username = ((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1)).getPrincipal().getName();
Thanks,
Keith.
2008/5/26 Takashi Saruhashi <TS...@valueprice.eu>:
Hello all,
Currently, I don't know how to get Authentication information (username) from WebService in AXIS2.
I set Authentication information to WebService Client like this,
===
// Define client to access to the Web Service.
ServiceClient sc = stub._getServiceClient();
// Engage modules for the authentication sc.engageModule("rampart");
// Set Options for authentication purpose.
Options options = sc.getOptions();
options.setUserName("Test");
options.setPassword("test");
===
Those Authentication information is sent to Password Callback Class from Client.
I think this one is using JAAS.
Is it possible to get Authentication information(username) from WebService in AXIS2??
If I'm right, in case of AXIS1, I can fetch the value using " SimpleAuthenticationHandler " like this,
===
org.apache.axis.handlers.SimpleAuthenticationHandler
public class SimpleAuthenticationHandler extends BasicHandler {
public void invoke(MessageContext msgContext) throws AxisFault {
SecurityProvider provider = (SecurityProvider)msgContext.getProperty("securityProvider");
if (provider != null) {
String userID = msgContext.getUsername();
if ( userID == null || userID.equals(""))
throw new AxisFault( "Server.Unauthenticated",........);
String passwd = msgContext.getPassword();
AuthenticatedUser authUser = provider.authenticate(msgContext);
if ( authUser == null)
throw new AxisFault( "Server.Unauthenticated",........);
msgContext.setProperty(MessageContext.AUTHUSER, authUser);
}
}
};
===
However, in case of AXIS2, I can't find any Class like this for fetching Authentication Information.
Does someone know the way to fetch Authentication information in AXIS2??
Any suggestions are quite appreciated.
May Tnanks
Takashi
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Posted by keith chapman <ke...@gmail.com>.
Hi Takashi,
But have you engaged a security policy to your service? The message flowing
through Axis2 will be intercepted by rampart only if it has a security
policy associated with it. And once Rampart intercepts the message yiu can
get the result of it as I have stated.
Thanks,
Keith.
On Tue, May 27, 2008 at 4:25 PM, Takashi Saruhashi <TS...@valueprice.eu>
wrote:
> Hi Keith,
>
> Thanks for replying again. Actually, I debugged and found out this part is
> null.
>
> ---
>
> ((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1))
> ---
>
> As I already said in my first email, I set authentication information using
> ServiceClient from Client like this,
>
> ===
> // Define client to access to the Web Service.
> ServiceClient sc = stub._getServiceClient();
>
> // Engage modules for the authentication sc.engageModule("rampart");
>
> // Set Options for authentication purpose.
> Options options = sc.getOptions();
> options.setUserName("Test");
> options.setPassword("test");
> ===
>
> I need to change the way to set Authentication Information from Client
> side??
>
>
> Many Thanks.
> Takashi
>
>
>
>
> ________________________________________
> From: keith chapman [mailto:keithgchapman@gmail.com]
> Sent: Tuesday, May 27, 2008 11:34 AM
> To: axis-dev@ws.apache.org
> Subject: Re: [Axis2] How can I get Authentication information from
> WebService in AXIS2
>
> Hi Takashi,
>
> The code I gave you is for Axis2 and not Axis1. This code will work for a
> service thats secured using username Token scenario. The code snippet I gave
> you was taken from [1] which is an admin service in the WSO2 Mashup Server
> which is secured using username token scenario.
>
> Can you try debugging your service to check what exactly is null and also
> check weather your service is really secured using username token scenario
> (These results that we retrive in the service is set into the Message
> Context by Rampart when it processors the security header). Also this code
> applies for Axis2 1.4.
>
> Thanks,
> Keith.
>
> [1]
> https://svn.wso2.org/repos/wso2/trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
> On Tue, May 27, 2008 at 2:51 PM, Takashi Saruhashi
> <TS...@valueprice.eu> wrote:
> Hello Keith,
>
> Thanks for your reply!! I tried your way in your previous email.
> However, it seems it doesn't work....
>
> Is this really suitable for AXIS2 also?? I think the way you showed me is
> for AXIS1.
> Could you tell me the web site describing how to fetch Authentication
> information if possible??
>
> Instead of getting username, I got NPE....
>
> java.lang.reflect.InvocationTargetException
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:194)
> at
> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:98)
> at
> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
> at
> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
> at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:120)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
> at
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
> at
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.lang.NullPointerException
> at services.PriceService.getPrice(PriceService.java:103)
> ... 31 more
>
>
> ________________________________________
> From: keith chapman [mailto:keithgchapman@gmail.com]
> Sent: Tuesday, May 27, 2008 4:10 AM
> To: axis-dev@ws.apache.org
> Subject: Re: [Axis2] How can I get Authentication information from
> WebService in AXIS2
>
> Hi Takashi,
>
> You can get the username in this manner in your service.
>
> MessageContext msgCtx = MessageContext.getCurrentMessageContext();
>
> Vector results = (Vector) msgCtx
> .getProperty(WSHandlerConstants.RECV_RESULTS);
>
> String username =
> ((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1)).getPrincipal().getName();
>
> Thanks,
> Keith.
> 2008/5/26 Takashi Saruhashi <TS...@valueprice.eu>:
> Hello all,
>
> Currently, I don't know how to get Authentication information (username)
> from WebService in AXIS2.
>
> I set Authentication information to WebService Client like this,
>
> ===
> // Define client to access to the Web Service.
> ServiceClient sc = stub._getServiceClient();
>
> // Engage modules for the authentication sc.engageModule("rampart");
>
> // Set Options for authentication purpose.
> Options options = sc.getOptions();
> options.setUserName("Test");
> options.setPassword("test");
> ===
>
> Those Authentication information is sent to Password Callback Class from
> Client.
> I think this one is using JAAS.
>
> Is it possible to get Authentication information(username) from WebService
> in AXIS2??
>
> If I'm right, in case of AXIS1, I can fetch the value using "
> SimpleAuthenticationHandler " like this,
>
> ===
> org.apache.axis.handlers.SimpleAuthenticationHandler
> public class SimpleAuthenticationHandler extends BasicHandler {
>
> public void invoke(MessageContext msgContext) throws AxisFault {
> SecurityProvider provider =
> (SecurityProvider)msgContext.getProperty("securityProvider");
> if (provider != null) {
> String userID = msgContext.getUsername();
> if ( userID == null || userID.equals(""))
> throw new AxisFault( "Server.Unauthenticated",........);
> String passwd = msgContext.getPassword();
> AuthenticatedUser authUser = provider.authenticate(msgContext);
> if ( authUser == null)
> throw new AxisFault( "Server.Unauthenticated",........);
> msgContext.setProperty(MessageContext.AUTHUSER, authUser);
> }
> }
> };
> ===
>
>
> However, in case of AXIS2, I can't find any Class like this for fetching
> Authentication Information.
> Does someone know the way to fetch Authentication information in AXIS2??
> Any suggestions are quite appreciated.
>
>
> May Tnanks
>
> Takashi
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-dev-help@ws.apache.org
>
>
>
> --
> Keith Chapman
> Senior Software Engineer
> WSO2 Inc.
> Oxygenating the Web Service Platform.
> http://wso2.org/
>
> blog: http://www.keith-chapman.org
>
>
>
> --
> Keith Chapman
> Senior Software Engineer
> WSO2 Inc.
> Oxygenating the Web Service Platform.
> http://wso2.org/
>
> blog: http://www.keith-chapman.org
>
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
RE: [Axis2] How can I get Authentication information from WebService in AXIS2
Posted by Takashi Saruhashi <TS...@valueprice.eu>.
Hi Keith,
Thanks for replying again. Actually, I debugged and found out this part is null.
---
((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1))
---
As I already said in my first email, I set authentication information using ServiceClient from Client like this,
===
// Define client to access to the Web Service.
ServiceClient sc = stub._getServiceClient();
// Engage modules for the authentication sc.engageModule("rampart");
// Set Options for authentication purpose.
Options options = sc.getOptions();
options.setUserName("Test");
options.setPassword("test");
===
I need to change the way to set Authentication Information from Client side??
Many Thanks.
Takashi
________________________________________
From: keith chapman [mailto:keithgchapman@gmail.com]
Sent: Tuesday, May 27, 2008 11:34 AM
To: axis-dev@ws.apache.org
Subject: Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Hi Takashi,
The code I gave you is for Axis2 and not Axis1. This code will work for a service thats secured using username Token scenario. The code snippet I gave you was taken from [1] which is an admin service in the WSO2 Mashup Server which is secured using username token scenario.
Can you try debugging your service to check what exactly is null and also check weather your service is really secured using username token scenario (These results that we retrive in the service is set into the Message Context by Rampart when it processors the security header). Also this code applies for Axis2 1.4.
Thanks,
Keith.
[1] https://svn.wso2.org/repos/wso2/trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
On Tue, May 27, 2008 at 2:51 PM, Takashi Saruhashi <TS...@valueprice.eu> wrote:
Hello Keith,
Thanks for your reply!! I tried your way in your previous email.
However, it seems it doesn't work....
Is this really suitable for AXIS2 also?? I think the way you showed me is for AXIS1.
Could you tell me the web site describing how to fetch Authentication information if possible??
Instead of getting username, I got NPE....
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:194)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:98)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:120)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.NullPointerException
at services.PriceService.getPrice(PriceService.java:103)
... 31 more
________________________________________
From: keith chapman [mailto:keithgchapman@gmail.com]
Sent: Tuesday, May 27, 2008 4:10 AM
To: axis-dev@ws.apache.org
Subject: Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Hi Takashi,
You can get the username in this manner in your service.
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
Vector results = (Vector) msgCtx
.getProperty(WSHandlerConstants.RECV_RESULTS);
String username = ((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1)).getPrincipal().getName();
Thanks,
Keith.
2008/5/26 Takashi Saruhashi <TS...@valueprice.eu>:
Hello all,
Currently, I don't know how to get Authentication information (username) from WebService in AXIS2.
I set Authentication information to WebService Client like this,
===
// Define client to access to the Web Service.
ServiceClient sc = stub._getServiceClient();
// Engage modules for the authentication sc.engageModule("rampart");
// Set Options for authentication purpose.
Options options = sc.getOptions();
options.setUserName("Test");
options.setPassword("test");
===
Those Authentication information is sent to Password Callback Class from Client.
I think this one is using JAAS.
Is it possible to get Authentication information(username) from WebService in AXIS2??
If I'm right, in case of AXIS1, I can fetch the value using " SimpleAuthenticationHandler " like this,
===
org.apache.axis.handlers.SimpleAuthenticationHandler
public class SimpleAuthenticationHandler extends BasicHandler {
public void invoke(MessageContext msgContext) throws AxisFault {
SecurityProvider provider = (SecurityProvider)msgContext.getProperty("securityProvider");
if (provider != null) {
String userID = msgContext.getUsername();
if ( userID == null || userID.equals(""))
throw new AxisFault( "Server.Unauthenticated",........);
String passwd = msgContext.getPassword();
AuthenticatedUser authUser = provider.authenticate(msgContext);
if ( authUser == null)
throw new AxisFault( "Server.Unauthenticated",........);
msgContext.setProperty(MessageContext.AUTHUSER, authUser);
}
}
};
===
However, in case of AXIS2, I can't find any Class like this for fetching Authentication Information.
Does someone know the way to fetch Authentication information in AXIS2??
Any suggestions are quite appreciated.
May Tnanks
Takashi
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Posted by keith chapman <ke...@gmail.com>.
Hi Takashi,
The code I gave you is for Axis2 and not Axis1. This code will work for a
service thats secured using username Token scenario. The code snippet I gave
you was taken from [1] which is an admin service in the WSO2 Mashup Server
which is secured using username token scenario.
Can you try debugging your service to check what exactly is null and also
check weather your service is really secured using username token scenario
(These results that we retrive in the service is set into the Message
Context by Rampart when it processors the security header). Also this code
applies for Axis2 1.4.
Thanks,
Keith.
[1]
https://svn.wso2.org/repos/wso2/trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
On Tue, May 27, 2008 at 2:51 PM, Takashi Saruhashi <TS...@valueprice.eu>
wrote:
> Hello Keith,
>
> Thanks for your reply!! I tried your way in your previous email.
> However, it seems it doesn't work....
>
> Is this really suitable for AXIS2 also?? I think the way you showed me is
> for AXIS1.
> Could you tell me the web site describing how to fetch Authentication
> information if possible??
>
> Instead of getting username, I got NPE....
>
> java.lang.reflect.InvocationTargetException
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:194)
> at
> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:98)
> at
> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
> at
> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
> at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:120)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
> at
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
> at
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.lang.NullPointerException
> at services.PriceService.getPrice(PriceService.java:103)
> ... 31 more
>
>
> ________________________________________
> From: keith chapman [mailto:keithgchapman@gmail.com]
> Sent: Tuesday, May 27, 2008 4:10 AM
> To: axis-dev@ws.apache.org
> Subject: Re: [Axis2] How can I get Authentication information from
> WebService in AXIS2
>
> Hi Takashi,
>
> You can get the username in this manner in your service.
>
> MessageContext msgCtx = MessageContext.getCurrentMessageContext();
>
> Vector results = (Vector) msgCtx
> .getProperty(WSHandlerConstants.RECV_RESULTS);
>
> String username =
> ((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1)).getPrincipal().getName();
>
> Thanks,
> Keith.
> 2008/5/26 Takashi Saruhashi <TS...@valueprice.eu>:
> Hello all,
>
> Currently, I don't know how to get Authentication information (username)
> from WebService in AXIS2.
>
> I set Authentication information to WebService Client like this,
>
> ===
> // Define client to access to the Web Service.
> ServiceClient sc = stub._getServiceClient();
>
> // Engage modules for the authentication sc.engageModule("rampart");
>
> // Set Options for authentication purpose.
> Options options = sc.getOptions();
> options.setUserName("Test");
> options.setPassword("test");
> ===
>
> Those Authentication information is sent to Password Callback Class from
> Client.
> I think this one is using JAAS.
>
> Is it possible to get Authentication information(username) from WebService
> in AXIS2??
>
> If I'm right, in case of AXIS1, I can fetch the value using "
> SimpleAuthenticationHandler " like this,
>
> ===
> org.apache.axis.handlers.SimpleAuthenticationHandler
> public class SimpleAuthenticationHandler extends BasicHandler {
>
> public void invoke(MessageContext msgContext) throws AxisFault {
> SecurityProvider provider =
> (SecurityProvider)msgContext.getProperty("securityProvider");
> if (provider != null) {
> String userID = msgContext.getUsername();
> if ( userID == null || userID.equals(""))
> throw new AxisFault( "Server.Unauthenticated",........);
> String passwd = msgContext.getPassword();
> AuthenticatedUser authUser = provider.authenticate(msgContext);
> if ( authUser == null)
> throw new AxisFault( "Server.Unauthenticated",........);
> msgContext.setProperty(MessageContext.AUTHUSER, authUser);
> }
> }
> };
> ===
>
>
> However, in case of AXIS2, I can't find any Class like this for fetching
> Authentication Information.
> Does someone know the way to fetch Authentication information in AXIS2??
> Any suggestions are quite appreciated.
>
>
> May Tnanks
>
> Takashi
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-dev-help@ws.apache.org
>
>
>
> --
> Keith Chapman
> Senior Software Engineer
> WSO2 Inc.
> Oxygenating the Web Service Platform.
> http://wso2.org/
>
> blog: http://www.keith-chapman.org
>
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
RE: [Axis2] How can I get Authentication information from WebService in AXIS2
Posted by Takashi Saruhashi <TS...@valueprice.eu>.
Hello Keith,
Thanks for your reply!! I tried your way in your previous email.
However, it seems it doesn't work....
Is this really suitable for AXIS2 also?? I think the way you showed me is for AXIS1.
Could you tell me the web site describing how to fetch Authentication information if possible??
Instead of getting username, I got NPE....
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:194)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:98)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:120)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.NullPointerException
at services.PriceService.getPrice(PriceService.java:103)
... 31 more
________________________________________
From: keith chapman [mailto:keithgchapman@gmail.com]
Sent: Tuesday, May 27, 2008 4:10 AM
To: axis-dev@ws.apache.org
Subject: Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Hi Takashi,
You can get the username in this manner in your service.
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
Vector results = (Vector) msgCtx
.getProperty(WSHandlerConstants.RECV_RESULTS);
String username = ((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1)).getPrincipal().getName();
Thanks,
Keith.
2008/5/26 Takashi Saruhashi <TS...@valueprice.eu>:
Hello all,
Currently, I don't know how to get Authentication information (username) from WebService in AXIS2.
I set Authentication information to WebService Client like this,
===
// Define client to access to the Web Service.
ServiceClient sc = stub._getServiceClient();
// Engage modules for the authentication sc.engageModule("rampart");
// Set Options for authentication purpose.
Options options = sc.getOptions();
options.setUserName("Test");
options.setPassword("test");
===
Those Authentication information is sent to Password Callback Class from Client.
I think this one is using JAAS.
Is it possible to get Authentication information(username) from WebService in AXIS2??
If I'm right, in case of AXIS1, I can fetch the value using " SimpleAuthenticationHandler " like this,
===
org.apache.axis.handlers.SimpleAuthenticationHandler
public class SimpleAuthenticationHandler extends BasicHandler {
public void invoke(MessageContext msgContext) throws AxisFault {
SecurityProvider provider = (SecurityProvider)msgContext.getProperty("securityProvider");
if (provider != null) {
String userID = msgContext.getUsername();
if ( userID == null || userID.equals(""))
throw new AxisFault( "Server.Unauthenticated",........);
String passwd = msgContext.getPassword();
AuthenticatedUser authUser = provider.authenticate(msgContext);
if ( authUser == null)
throw new AxisFault( "Server.Unauthenticated",........);
msgContext.setProperty(MessageContext.AUTHUSER, authUser);
}
}
};
===
However, in case of AXIS2, I can't find any Class like this for fetching Authentication Information.
Does someone know the way to fetch Authentication information in AXIS2??
Any suggestions are quite appreciated.
May Tnanks
Takashi
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
Re: [Axis2] How can I get Authentication information from WebService in AXIS2
Posted by keith chapman <ke...@gmail.com>.
Hi Takashi,
You can get the username in this manner in your service.
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
Vector results = (Vector) msgCtx
.getProperty(WSHandlerConstants.RECV_RESULTS);
String username =
((WSSecurityEngineResult)((WSHandlerResult)results.get(0)).getResults().get(1)).getPrincipal().getName();
Thanks,
Keith.
2008/5/26 Takashi Saruhashi <TS...@valueprice.eu>:
> Hello all,
>
> Currently, I don't know how to get Authentication information (username)
> from WebService in AXIS2.
>
> I set Authentication information to WebService Client like this,
>
> ===
> // Define client to access to the Web Service.
> ServiceClient sc = stub._getServiceClient();
>
> // Engage modules for the authentication sc.engageModule("rampart");
>
> // Set Options for authentication purpose.
> Options options = sc.getOptions();
> options.setUserName("Test");
> options.setPassword("test");
> ===
>
> Those Authentication information is sent to Password Callback Class from
> Client.
> I think this one is using JAAS.
>
> Is it possible to get Authentication information(username) from WebService
> in AXIS2??
>
> If I'm right, in case of AXIS1, I can fetch the value using "
> SimpleAuthenticationHandler " like this,
>
> ===
> org.apache.axis.handlers.SimpleAuthenticationHandler
> public class SimpleAuthenticationHandler extends BasicHandler {
>
> public void invoke(MessageContext msgContext) throws AxisFault {
> SecurityProvider provider =
> (SecurityProvider)msgContext.getProperty("securityProvider");
> if (provider != null) {
> String userID = msgContext.getUsername();
> if ( userID == null || userID.equals(""))
> throw new AxisFault( "Server.Unauthenticated",........);
> String passwd = msgContext.getPassword();
> AuthenticatedUser authUser = provider.authenticate(msgContext);
> if ( authUser == null)
> throw new AxisFault( "Server.Unauthenticated",........);
> msgContext.setProperty(MessageContext.AUTHUSER, authUser);
> }
> }
> };
> ===
>
>
> However, in case of AXIS2, I can't find any Class like this for fetching
> Authentication Information.
> Does someone know the way to fetch Authentication information in AXIS2??
> Any suggestions are quite appreciated.
>
>
> May Tnanks
>
> Takashi
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-dev-help@ws.apache.org
>
>
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org