You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Butterfield, Brian" <bu...@aware.com> on 2009/09/09 21:25:26 UTC

Rampart and ODE

I'm using Rampart WS-Security with username authentication to protect
ODE BPEL scripts.  I'm also using Rampart to add WS-Security username
headers when I'm invoking another web service.  Is it possible to
"forward" the incoming username and password and use the same
authentication for the web service that is being invoked?

Thanks,
-Brian

Re: Rampart and ODE

Posted by Prabath Siriwardena <pr...@wso2.com>.

Yes - if you can get access to the MessageContext  - before invoking the 
other services - then you can simply parse security header of the SOAP 
envelop and get access to both the user name and the password.

If you need this to be accessed from different places - a better way 
would be to write a handler and inject the password to MessageContext as 
a property - user name is already there and can be accessed as the 
following.

msgContext .getProperty(RampartMessageData.USERNAME);

Thanks & regards.
-Prabath

Butterfield, Brian wrote:
> I'm using Rampart WS-Security with username authentication to protect
> ODE BPEL scripts.  I'm also using Rampart to add WS-Security username
> headers when I'm invoking another web service.  Is it possible to
> "forward" the incoming username and password and use the same
> authentication for the web service that is being invoked?
>
> Thanks,
> -Brian
>
>