Results 1 to 7 of 7

Thread: Get username from SoapHeader's UsernameToken

Hybrid View

  1. Sep 15th, 2009, 01:21 AM #1
    unknownyesno
    unknownyesno is offline Junior Member
    Join Date
    Sep 2009
    Posts
    1

    Default Get username from SoapHeader's UsernameToken

    as title, How can I obtain the username from soapheader to perform further action?

    I already use SimplePasswordValidationCallbackHandler to do the authenticaiton successfully, then I need to get back the username to perform other validation.
    Reply With Quote Reply With Quote
  2. Sep 18th, 2009, 12:05 AM #2
    vbose
    vbose is offline Senior Member
    Join Date
    Apr 2005
    Posts
    112

    Default

    You could obtain the authenticated user from the Spring Security Context. See below.

    Code:
    Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

String username = currentUser.getName();
    Reply With Quote Reply With Quote
  3. May 23rd, 2012, 04:54 AM #3
    kkelleher
    kkelleher is offline Junior Member
    Join Date
    Feb 2011
    Posts
    19

    Default

    Quote Originally Posted by vbose View Post
    You could obtain the authenticated user from the Spring Security Context. See below.

    Code:
    Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

String username = currentUser.getName();
    Hi,

    I tied this but get a null pointer exception. currentUser is null. I'm using spring-ws-2.0.4-RELEASE and playing around with the tutorial example.

    Any ideas?
    Reply With Quote Reply With Quote
  4. May 24th, 2012, 03:43 PM #4
    ndewet
    ndewet is offline Junior Member
    Join Date
    Jul 2011
    Location
    Cape Town
    Posts
    10

    Default

    I have recently done this using an Interceptor, in fact wanted to do the same in an Endpoint but don't have access to the SOAP header data in an Endpoint as far as I know.

    Here is how I did it, note the Optional class is from Google Guava:

    Code:
    public class UsernameInterceptor implements EndpointInterceptor {
	
	public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
	
		WebServiceMessage message = messageContext.getRequest();
		
		if (message instanceof SoapMessage) {
            
			SoapMessage soapMessage = (SoapMessage)message;
			
			Optional<String> soapUserName = getSoapUserName(soapMessage);
        }

        /**
	 * Get the Username, contained within a Security and in turn UsernameToken element.
	 * 
	 * @param soapMessage	the SoapMessage instance to be inspected
	 * @return the Optional<String> instance containing the SOAP Username				
	 */
	protected Optional<String> getSoapUserName(SoapMessage soapMessage) {
		
		Assert.notNull(soapMessage);
		
		Iterator<SoapHeaderElement> iterator = soapMessage.getEnvelope().getHeader().examineAllHeaderElements();
        
		while(iterator.hasNext()) {
			
        	SoapHeaderElement header = iterator.next();
        	
        	String headerName = header.getName().getLocalPart();
        	    	
        	if(headerName.equalsIgnoreCase("Security")) {
        		
        		DOMSource domSource = (DOMSource) header.getSource();
        		
        		Node securityNode = domSource.getNode();
        		
        		NodeList securityNodeChildren = securityNode.getChildNodes();
        		
        		for (int i = 0; i < securityNodeChildren.getLength(); i++) {
        			
        			Node childNode = securityNodeChildren.item(i);
        			  
        			if (childNode.getLocalName() != null && childNode.getLocalName().equalsIgnoreCase("UsernameToken")) {
        				
        				NodeList usernameTokenChildren = childNode.getChildNodes();
        				
        				for (int j = 0; j < usernameTokenChildren.getLength(); j++) {
        					
        					Node userNameTokenChild = usernameTokenChildren.item(j);
        					
        					if (userNameTokenChild.getLocalName() != null && userNameTokenChild.getLocalName().equalsIgnoreCase("Username")) {
        						
        						String userNameCandidate = userNameTokenChild.getTextContent();
        						
        						if (StringUtils.hasLength(userNameCandidate)) {
        							
        							return Optional.of(userNameCandidate);
        							
        						} else {
        							
        							return Optional.absent();
        							
        						}
        						
        					}
        					
        				}
        				
        			}
        		}
        		
        	}
        }
		
        return Optional.absent();
	}
    Reply With Quote Reply With Quote
  5. May 28th, 2012, 04:37 AM #5
    kkelleher
    kkelleher is offline Junior Member
    Join Date
    Feb 2011
    Posts
    19

    Default

    Thanks ndewet,

    In your interceptor, once you determined the username, how do you makes externally visible, i.e. to the endpoint? For example did you add a new element to the header?

    Regards,
    kevin
    Reply With Quote Reply With Quote
  6. Jun 1st, 2012, 11:40 PM #6
    ndewet
    ndewet is offline Junior Member
    Join Date
    Jul 2011
    Location
    Cape Town
    Posts
    10

    Default

    Quote Originally Posted by kkelleher View Post
    In your interceptor, once you determined the username, how do you makes externally visible, i.e. to the endpoint? For example did you add a new element to the header?
    That is exactly where I got stuck, and ran out of time. If you have a solution please share.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules