ws-security - set different username and password in every request

Question

I'm using Apache-CXF to create my web service client that uses ws-security with a UsernameTokenauthentification.

In order to use the same credentials for every request I just add the following properties to my BindingProvider(i.e. the ws-port):

    Map<String, Object> ctx = bindingProvider.getRequestContext();
    ctx.put(SecurityConstants.USERNAME, "myUserName");
    ctx.put(SecurityConstants.PASSWORD, "myPassword");

However, how can I set a different user and password on every request? Is it possible to add some kind of supplier function to the UsernameTokenInterceptor to provide the credential on a per-thread basis (e.g. by readinig them out of a ThreadLocal variable)?

As workaround I implemented a SOAPHandler<SOAPMessageContext> that modifies the Username and Password value in the Security/UsernameToken part of the SOAPHeader. However, I'd prefer to either add an existing SOAPHandler that creates the whole security section or to provide a supplier function to the UsernameTokenInterceptor.

score 0 · Answer 1 · answered Feb 19 '18 at 06:59

Why do you need a UsernameTokenInterceptor? Just use the generated client from cxf and fetch the stub from it and then modify that.

Something along the lines of:

public yourResponse call(final String username, final String password) {
    final YourService service = new YourService();
    final YourStub stub = service.getService();

    final Map ctx = ((BindingProvider)stub).getRequestContext();

    ctx.put("ws-security.username", username);
    ctx.put("ws-security.password", password);

    return stub.callYourMethod(); 
}

So you can put this in a method and pass username and password and hence you can change it anytime.

ws-security - set different username and password in every request

1 Answers1