package com.company.auth.service; import java.io.IOException; import java.io.OutputStream; import java.net.HttpURLConnection; import java.util.Arrays; import java.util.Map; import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor; import org.apache.cxf.configuration.security.AuthorizationPolicy; import org.apache.cxf.endpoint.Endpoint; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.Exchange; import org.apache.cxf.message.Message; import org.apache.cxf.transport.Conduit; import org.apache.cxf.ws.addressing.EndpointReferenceType; import org.springframework.security.Authentication; import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.providers.AuthenticationProvider; import org.springframework.security.providers.UsernamePasswordAuthenticationToken; public class BasicAuthAuthorizationInterceptor extends SoapHeaderInterceptor { AuthenticationProvider authenticationProvider; public void setAuthenticationProvider(final AuthenticationProvider authenticationProvider) { this.authenticationProvider = authenticationProvider; } @Override public void handleMessage(final Message message) throws Fault { try { final AuthorizationPolicy policy = message.get(AuthorizationPolicy.class); if (policy == null) { sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED); return; } Authentication authentication = new UsernamePasswordAuthenticationToken(policy .getUserName(), policy.getPassword()); authentication = authenticationProvider.authenticate(authentication); SecurityContextHolder.getContext().setAuthentication(authentication); } catch (final RuntimeException ex) { sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED); throw ex; } } @SuppressWarnings("unchecked") private void sendErrorResponse(final Message message, final int responseCode) { final Message outMessage = getOutMessage(message); outMessage.put(Message.RESPONSE_CODE, responseCode); // Set the response headers final Map responseHeaders = (Map) message.get(Message.PROTOCOL_HEADERS); if (responseHeaders != null) { responseHeaders.put("WWW-Authenticate", Arrays .asList(new String[] { "Basic realm=realm" })); responseHeaders.put("Content-Length", Arrays.asList(new String[] { "0" })); } message.getInterceptorChain().abort(); try { getConduit(message).prepare(outMessage); close(outMessage); } catch (final IOException e) { e.printStackTrace(); } } private Message getOutMessage(final Message inMessage) { final Exchange exchange = inMessage.getExchange(); Message outMessage = exchange.getOutMessage(); if (outMessage == null) { final Endpoint endpoint = exchange.get(Endpoint.class); outMessage = endpoint.getBinding().createMessage(); exchange.setOutMessage(outMessage); } outMessage.putAll(inMessage); return outMessage; } private Conduit getConduit(final Message inMessage) throws IOException { final Exchange exchange = inMessage.getExchange(); final EndpointReferenceType target = exchange.get(EndpointReferenceType.class); final Conduit conduit = exchange.getDestination().getBackChannel(inMessage, null, target); exchange.setConduit(conduit); return conduit; } private void close(final Message outMessage) throws IOException { final OutputStream os = outMessage.getContent(OutputStream.class); os.flush(); os.close(); } }
import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.util.Arrays;
import java.util.Map;
import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.transport.Conduit;
import org.apache.cxf.ws.addressing.EndpointReferenceType;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
public class BasicAuthAuthorizationInterceptor extends SoapHeaderInterceptor
{
AuthenticationProvider authenticationProvider;
public void setAuthenticationProvider(final AuthenticationProvider authenticationProvider)
{
this.authenticationProvider = authenticationProvider;
}
@Override
public void handleMessage(final Message message) throws Fault
{
try
{
final AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
if (policy == null)
{
sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED);
return;
}
Authentication authentication = new UsernamePasswordAuthenticationToken(policy
.getUserName(), policy.getPassword());
authentication = authenticationProvider.authenticate(authentication);
SecurityContextHolder.getContext().setAuthentication(authentication);
}
catch (final RuntimeException ex)
{
sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED);
throw ex;
}
}
@SuppressWarnings(“unchecked”)
private void sendErrorResponse(final Message message, final int responseCode)
{
final Message outMessage = getOutMessage(message);
outMessage.put(Message.RESPONSE_CODE, responseCode);
// Set the response headers
final Map responseHeaders = (Map) message.get(Message.PROTOCOL_HEADERS);
if (responseHeaders != null)
{
responseHeaders.put(“WWW-Authenticate”, Arrays
.asList(new String[] { “Basic realm=realm” }));
responseHeaders.put(“Content-Length”, Arrays.asList(new String[] { “0” }));
}
message.getInterceptorChain().abort();
try
{
getConduit(message).prepare(outMessage);
close(outMessage);
}
catch (final IOException e)
{
e.printStackTrace();
}
}
private Message getOutMessage(final Message inMessage)
{
final Exchange exchange = inMessage.getExchange();
Message outMessage = exchange.getOutMessage();
if (outMessage == null)
{
final Endpoint endpoint = exchange.get(Endpoint.class);
outMessage = endpoint.getBinding().createMessage();
exchange.setOutMessage(outMessage);
}
outMessage.putAll(inMessage);
return outMessage;
}
private Conduit getConduit(final Message inMessage) throws IOException
{
final Exchange exchange = inMessage.getExchange();
final EndpointReferenceType target = exchange.get(EndpointReferenceType.class);
final Conduit conduit = exchange.getDestination().getBackChannel(inMessage, null, target);
exchange.setConduit(conduit);
return conduit;
}
private void close(final Message outMessage) throws IOException
{
final OutputStream os = outMessage.getContent(OutputStream.class);
os.flush();
os.close();
}
}
it’s does’t work at websphere 6.1~~~~~~~~~~
Can you be more specific about configuration you have?