Looking at this some more, you probably want a different user per
client call, of course. Same concept, but you pass a hashmap to the
client handler and/or server side handler. Sorta like:

    this.handlerConfig = new HashMap();
    this.handlerConfig.put("elementToEncrypt", elementToEncrypt);
    this.handlerConfig.put("verbose", verbose);
    // add ClientHandler to chain of events
    java.util.List list =
        svc.getHandlerRegistry().getHandlerChain(portQN);
    list.add(new javax.xml.rpc.handler.HandlerInfo(
        ClientHandler.class, this.handlerConfig, null));

The server side handler would pick up the same config, as
demonstrated in the other post. I do the user/password with JAAS, and
so for security reasons I place them in the call itself:

    call.setUsername(LDAPUserName);
    call.setPassword(LDAPUserPassword);
    ret = (String) call.invoke( new Object[] { in } );

and in both my client and server handler, I do:

    // needs javax.security.auth.login.LoginContext and
    // javax.security.auth.callback.CallbackHandler
    public boolean doLDAPLogin(javax.xml.rpc.handler.MessageContext javaxcontext)
    {
        try
        {
            org.apache.axis.MessageContext mc =
                (org.apache.axis.MessageContext) javaxcontext;
            // set JAAS config parameter on every call to prevent environment hell
            System.getProperties().setProperty(
                "java.security.auth.login.config", this.jaas_prop);
            // login user via JAAS
            CallbackHandler callbackHandler =
                new WSSCallbackHandler(mc, this.host);
            LoginContext lc = new LoginContext(securityDomain, callbackHandler);
            lc.login();
            Fwlog.debug(this, Fwlog.WI,
                "User logged in successfully: " + mc.getUsername());
            // Get instance from singleton
            WSSecurityManager wsm = WSSecurityManager.getInstance();
            // Get X509 certificate needed to sign message
            this.cert = wsm.getCert(mc.getUsername());
            // Get PrivateKey needed to sign X509 Certificate
            this.privateKey = wsm.getPrivateKey(mc.getUsername());
            // Get SecretKey needed to encrypt/decrypt message
            this.secretKey = wsm.getSecretKey(mc.getUsername());
            Fwlog.debug(this, Fwlog.WI,
                "Got cert, pk and sk for user: " + mc.getUsername());
            return true;
        }
        catch (Exception e)
        {
            Fwlog.error(this, Fwlog.WI,
                "ServiceHandler::doLDAPLogin -- Exception: ");
            Fwlog.error(this, Fwlog.WI, e);
            return false;
        }
    }

Getting access to your hashmap is like:

    public void init(HandlerInfo config)
    {
        Fwlog.debug(this, Fwlog.WI, "ClientHandler: init ...");
        try
        {
            jaas_prop = System.getProperty("jaas.prop");
            if (null == jaas_prop)
            {
                throw new IllegalStateException(
                    "jaas_prop not set, must point to login config file "
                    + "'wssDomain.cfg' needed for "
                    + "java.security.auth.login.config");
            }
            Map configProps = config.getHandlerConfig();
            if (configProps.containsKey("elementToEncrypt"))
            {
                elementToEncrypt = (String)configProps.get("elementToEncrypt");
            }
            else
            {
                throw new IllegalStateException(
                    "Handler chain config property missing: elementToEncrypt");
            }
            if (configProps.containsKey("host"))
            {
                host = (String)configProps.get("host");
            }
            else
            {
                throw new IllegalStateException(
                    "Handler chain config property missing: host");
            }
            if (configProps.containsKey("verbose"))
            {
                String verbose = (String)configProps.get("verbose");
                if (verbose.equalsIgnoreCase("on"))
                {
                    debug = true;
                }
                else if (verbose.equalsIgnoreCase("off"))
                {
                    debug = false;
                }
                else
                {
                    throw new IllegalStateException(
                        "verbose config property not 'on' or 'off': " + verbose);
                }
            }
            else
            {
                throw new IllegalStateException(
                    "Handler chain config property missing: verbose");
            }
        }
        catch (Exception e)
        {
            Fwlog.error(this, Fwlog.WI, e);
            throw new JAXRPCException(e.toString(), e);
        }
    }

HTH,
iksrazal
http://www.braziloutsource.com
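
Added example, not part of the original post or of the poster's code: the message passes a WSSCallbackHandler to LoginContext but does not show it, so this is a sketch of what such a JAAS CallbackHandler can look like, using only the standard javax.security.auth.callback API. The class name PerCallCallbackHandler and the sample credentials are hypothetical, and it takes the username and password as plain constructor arguments instead of an Axis MessageContext so that it runs on its own.

```java
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.util.Arrays;

// Hypothetical stand-in for the post's WSSCallbackHandler (not shown there).
public class PerCallCallbackHandler implements CallbackHandler {
    private final String username;
    private final char[] password;

    public PerCallCallbackHandler(String username, String password) {
        if (username == null || password == null) {
            throw new IllegalArgumentException("username and password are required");
        }
        this.username = username;
        this.password = password.toCharArray();
    }

    @Override
    public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
        for (Callback cb : callbacks) {
            if (cb instanceof NameCallback) {
                ((NameCallback) cb).setName(username);
            } else if (cb instanceof PasswordCallback) {
                // setPassword() stores a clone, so our copy can be wiped later
                ((PasswordCallback) cb).setPassword(password);
            } else {
                // Fail closed on anything the login module asks for that we do not supply
                throw new UnsupportedCallbackException(cb, "unsupported callback");
            }
        }
    }

    // Wipe the handler's copy of the password once login() has returned
    public void clear() { Arrays.fill(password, '\0'); }

    public static void main(String[] args) throws Exception {
        // Constructed sample credentials, for illustration only
        PerCallCallbackHandler h = new PerCallCallbackHandler("alice", "example-password");
        NameCallback name = new NameCallback("user: ");
        PasswordCallback pw = new PasswordCallback("password: ", false);
        h.handle(new Callback[] { name, pw });
        h.clear();
        System.out.println(name.getName() + " / " + pw.getPassword().length + " chars");
        pw.clearPassword();
    }
}
```

Because one handler instance is built per call, the credentials never live in the shared handlerConfig map, which matches the per-call approach described in the message.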