Announcement Announcement Module
No announcement yet.
Basic Spring Web Service Authentication with database username/password Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Basic Spring Web Service Authentication with database username/password

    I am looking for a simple example of Spring Web Service that would serve the purpose of Authentication through database login.

    I have started implementing Spring Security Interceptor such as:
    		<bean id="validatingInterceptor"
    			p:schema="/WEB-INF/xsd/login.xsd" p:validateRequest="true"
    			p:validateResponse="true" />
    		<bean id="loggingInterceptor" class="" />
    		<bean class="">
    			<property name="policyConfiguration" value="/WEB-INF/securityPolicy.xml" />
    			<property name="callbackHandlers">
    					<ref bean="callbackHandler" />
    	<bean id="callbackHandler" class="">
    		<property name="authenticationManager" ref="authenticationManager" />
    Then I created my custom authenticationManager class that implements AuthenticationProvider where I actually want to ping the database with datasource injected with username/password retrieved from the SOAP request. I use UserCredentialsDataSourceAdapter for that.

    I have also created my securityPolicy.xml as:
    <xwss:SecurityConfiguration xmlns:xwss="">
    	<xwss:RequireTimestamp maxClockSkew="60"
    		timestampFreshnessLimit="300" />
    		passwordDigestRequired="false" nonceRequired="false" />
    	<xwss:Timestamp />
    	<xwss:UsernameToken ????????????????? How to return a generated token id here
    		digestPassword="true" useNonce="true" />
    I am having hard time to get all those mappings setup. Meaning retrieving the username/password from the SOAP request and pass it to my authenticationManager.
    Finally, once the login is validated, I'd like to return a token id as part of the SOAP response.

    Thanks for the help!

  • #2
    Can you post your authenticationManager configuration and also the Java code for it?