Announcement Announcement Module
Collapse
No announcement yet.
Get username from SoapHeader's UsernameToken Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Get username from SoapHeader's UsernameToken

    as title, How can I obtain the username from soapheader to perform further action?

    I already use SimplePasswordValidationCallbackHandler to do the authenticaiton successfully, then I need to get back the username to perform other validation.

  • #2
    You could obtain the authenticated user from the Spring Security Context. See below.

    Code:
    Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
    
    String username = currentUser.getName();

    Comment


    • #3
      Originally posted by vbose View Post
      You could obtain the authenticated user from the Spring Security Context. See below.

      Code:
      Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
      
      String username = currentUser.getName();
      Hi,

      I tied this but get a null pointer exception. currentUser is null. I'm using spring-ws-2.0.4-RELEASE and playing around with the tutorial example.

      Any ideas?

      Comment


      • #4
        I have recently done this using an Interceptor, in fact wanted to do the same in an Endpoint but don't have access to the SOAP header data in an Endpoint as far as I know.

        Here is how I did it, note the Optional class is from Google Guava:

        Code:
        public class UsernameInterceptor implements EndpointInterceptor {
        	
        	public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
        	
        		WebServiceMessage message = messageContext.getRequest();
        		
        		if (message instanceof SoapMessage) {
                    
        			SoapMessage soapMessage = (SoapMessage)message;
        			
        			Optional<String> soapUserName = getSoapUserName(soapMessage);
                }
        
                /**
        	 * Get the Username, contained within a Security and in turn UsernameToken element.
        	 * 
        	 * @param soapMessage	the SoapMessage instance to be inspected
        	 * @return the Optional<String> instance containing the SOAP Username				
        	 */
        	protected Optional<String> getSoapUserName(SoapMessage soapMessage) {
        		
        		Assert.notNull(soapMessage);
        		
        		Iterator<SoapHeaderElement> iterator = soapMessage.getEnvelope().getHeader().examineAllHeaderElements();
                
        		while(iterator.hasNext()) {
        			
                	SoapHeaderElement header = iterator.next();
                	
                	String headerName = header.getName().getLocalPart();
                	    	
                	if(headerName.equalsIgnoreCase("Security")) {
                		
                		DOMSource domSource = (DOMSource) header.getSource();
                		
                		Node securityNode = domSource.getNode();
                		
                		NodeList securityNodeChildren = securityNode.getChildNodes();
                		
                		for (int i = 0; i < securityNodeChildren.getLength(); i++) {
                			
                			Node childNode = securityNodeChildren.item(i);
                			  
                			if (childNode.getLocalName() != null && childNode.getLocalName().equalsIgnoreCase("UsernameToken")) {
                				
                				NodeList usernameTokenChildren = childNode.getChildNodes();
                				
                				for (int j = 0; j < usernameTokenChildren.getLength(); j++) {
                					
                					Node userNameTokenChild = usernameTokenChildren.item(j);
                					
                					if (userNameTokenChild.getLocalName() != null && userNameTokenChild.getLocalName().equalsIgnoreCase("Username")) {
                						
                						String userNameCandidate = userNameTokenChild.getTextContent();
                						
                						if (StringUtils.hasLength(userNameCandidate)) {
                							
                							return Optional.of(userNameCandidate);
                							
                						} else {
                							
                							return Optional.absent();
                							
                						}
                						
                					}
                					
                				}
                				
                			}
                		}
                		
                	}
                }
        		
                return Optional.absent();
        	}

        Comment


        • #5
          Thanks ndewet,

          In your interceptor, once you determined the username, how do you makes externally visible, i.e. to the endpoint? For example did you add a new element to the header?

          Regards,
          kevin

          Comment


          • #6
            Originally posted by kkelleher View Post
            In your interceptor, once you determined the username, how do you makes externally visible, i.e. to the endpoint? For example did you add a new element to the header?
            That is exactly where I got stuck, and ran out of time. If you have a solution please share.

            Comment


            • #7
              Originally posted by ndewet View Post
              That is exactly where I got stuck, and ran out of time. If you have a solution please share.
              See http://forum.springsource.org/showth...rs-thread-Safe

              Comment

              Working...
              X