Oct 16th, 2008, 11:01 AM
Authentication with 3 parameters
I need to authenticate via ws-security while not only using username and password, but also using a 3rd parameter "databaseBeanId" (because based on the databaseBeanId, the source database where the user resides can vary), however, I haven't found any thing that extends AbstractWsPasswordCallbackHandler that implements this sort of authentication. So I've written a class that extends AbstractWsPasswordCallbackHandler in an effort to utilize the CUSTOM_TOKEN...the custom token would include elements or attributes for username, password, and databaseBeanId, and then in my new class I'd implement the handleCustomToken() method.
The issue I'm struggling with figuring out is, how do I correctly setup my securityConfiguration.xml file to account for this requirement of using the CustomToken in the soap header, instead of how all the examples I'm finding use something like:
<xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/>
...and on the heels of that, am I trying to reinvent the wheel? Is functionality like this already available that I'm just missing?
Oct 28th, 2008, 07:43 AM
I made a few changes to my implementation for this, I'm now extending AbstractCallbackHandler, and built a validator that implements the PasswordValidationCallback interface.
...but still, the issue is that I need to use 3 parameters to authenticate. As a "workaround" I'm concatenating 2 parameters as the "username", so username is something like:
...where the pipe is the delimiter between the databaseBeanId parameter and the actual username....but still this is kind of fudging things.
Does anyone have any suggestions as to how to require a third parameter while still abiding by ws-security standards?
May 22nd, 2009, 04:38 AM
I want to do similar kind of thing, can you please explain your solution in more detail and if possible can you please share your code with me?