Spring Integration
For authentication, we have tried two different approaches.
Interceptor approach
In this case we have implemented a Spring EndpointInterceptor which creates a 52n AuthenticationContext from a Spring SecurityContext.
code snippet
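/**
 * Bridges the Spring Security context into the 52n security layer before the endpoint runs.
 *
 * <p>Reads the current authentication from {@code SecurityContextHolder}, takes the JAAS
 * {@code Subject} from its login context, wraps it in a {@code SimpleAuthenticationContext}
 * and publishes that through {@code AuthenticationContextUtil}.
 *
 * <p>The request is rejected explicitly when the security context holds no authentication or
 * one that is not a {@code JaasAuthenticationToken}. Without that check the same situations
 * surface as a {@code NullPointerException} or {@code ClassCastException}, which hides an
 * authentication problem behind what looks like a programming error.
 *
 * @param messageContext the message context of the current request (not read here)
 * @param endpoint the endpoint selected for the request (not read here)
 * @return {@code true}, so the remaining interceptors and the endpoint are invoked
 * @throws IllegalStateException if no JAAS-backed authentication is available
 * @throws Exception declared by the interceptor contract
 */
public boolean handleRequest(MessageContext messageContext, Object endpoint)
        throws Exception {
    SecurityContext secCtx = SecurityContextHolder.getContext();

    // instanceof is false for null, so this single test covers both an unauthenticated
    // request and an Authentication produced by a non-JAAS provider.
    Object authentication = secCtx.getAuthentication();
    if (!(authentication instanceof JaasAuthenticationToken)) {
        throw new IllegalStateException(
                "No JAAS authentication in the Spring SecurityContext; request rejected");
    }

    JaasAuthenticationToken authToken = (JaasAuthenticationToken) authentication;
    Subject subject = authToken.getLoginContext().getSubject();
    SimpleAuthenticationContext simpleCtx = new SimpleAuthenticationContext(subject);

    // NOTE(review): presumably this binds the context to the current thread; confirm it is
    // cleared when the request completes so a pooled thread cannot carry one caller's
    // identity into the next request.
    AuthenticationContextUtil.setCurrentAuthenticationContext(simpleCtx);
    return true;
}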
configuration snippet
<!-- Endpoint mapping for the interceptor approach: routes ProductRequest payloads to
     ProductServiceEndpoint and runs the listed interceptors for each request. -->
<bean
class="org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping">
<property name="mappings">
<props>
<prop key="{http://www.itemis.de/hoa/spring/ws/product}ProductRequest">ProductServiceEndpoint</prop>
</props>
</property>
<property name="interceptors">
<list>
<!-- NOTE(review): loggingInterceptor is listed ahead of wssecurity. If it logs the whole
     SOAP envelope, the WS-Security header (including any UsernameToken password) ends up
     in the log; confirm what it writes. -->
<ref bean="loggingInterceptor" />
<ref bean="wssecurity" />
<!-- Listed after wssecurity on purpose: security52nInterceptor reads the Spring
     SecurityContext, which presumably has to be populated by wssecurity first (the
     wssecurity bean is not shown in this snippet). Keep this order. -->
<ref bean="security52nInterceptor" />
</list>
</property>
</bean>
<!-- Presumably the EndpointInterceptor from the code snippet above; the class attribute is
     given without a package here. -->
<bean id="security52nInterceptor" class="Security52nInterceptor" />
Provider approach
To realise this approach we have implemented a Spring AuthenticationProvider and extended the 52n JAASAuthenticationService.
code snippet
/**
 * Authenticates a username/password request and returns a JAAS-backed Spring token.
 *
 * <p>Only {@code UsernamePasswordAuthenticationToken} requests are processed. For those, the
 * credentials are passed to {@code login(...)} (presumably inherited from the 52n
 * JAASAuthenticationService; confirm), the resulting context is published through
 * {@code AuthenticationContextUtil}, and a {@code JaasAuthenticationToken} is built from the
 * request's principal and credentials plus the login context.
 *
 * <p>NOTE(review): this listing stops after the closing brace of the {@code if}; the
 * fall-through return for other token types and the end of the method are not shown.
 *
 * @param authentication the authentication request to process
 * @return the populated {@code JaasAuthenticationToken} on a successful login
 * @throws AuthenticationException the exception produced by {@code loginExceptionResolver}
 *         when the login fails
 */
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
JaasAuthenticationToken result = null;
if (authentication instanceof UsernamePasswordAuthenticationToken) {
UsernamePasswordAuthenticationToken request = (UsernamePasswordAuthenticationToken) authentication;
try {
// A principal or credential that is not a String raises ClassCastException here, which
// the catch below does not handle.
String username = (String) request.getPrincipal();
String password = (String) request.getCredentials();
JAASAuthenticationContext authCtx = (JAASAuthenticationContext) login(new CredentialsCallbackHandler()
.add(new UsernamePasswordCredential(username, password)));
// Publishes the 52n context directly, so this approach needs no separate interceptor.
// NOTE(review): presumably thread-bound; confirm it is cleared once the request is done.
AuthenticationContextUtil
.setCurrentAuthenticationContext(authCtx);
// The returned token keeps the request's credentials (the password) alongside the
// principal and the login context.
result = new JaasAuthenticationToken(request.getPrincipal(),
request.getCredentials(), authCtx.getLoginContext());
publishSuccessEvent(result);
return result;
} catch (AuthenticationException loginException) {
// A fresh, empty LoginException is resolved rather than the caught one, so neither the
// published failure event nor the thrown exception carries the original cause.
// NOTE(review): that keeps failure detail away from the client, but it also removes it
// from the audit trail; consider logging loginException server-side.
SpringSecurityException ase = loginExceptionResolver
.resolveException(new LoginException());
publishFailureEvent(request, ase);
throw ase;
}
}
configuration snippet
<!-- Endpoint mapping for the provider approach: same routing as in the interceptor
     approach, but no security52nInterceptor is listed, because the 52n context is set
     inside the authentication provider. -->
<bean
class="org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping">
<property name="mappings">
<props>
<prop key="{http://www.itemis.de/hoa/spring/ws/product}ProductRequest">ProductServiceEndpoint</prop>
</props>
</property>
<property name="interceptors">
<list>
<!-- NOTE(review): loggingInterceptor is listed ahead of wssecurity, which validates
     plain-text UsernameToken passwords. If the logger writes the whole SOAP envelope,
     those passwords land in the log; confirm what it writes. -->
<ref bean="loggingInterceptor" />
<ref bean="wssecurity" />
</list>
</property>
</bean>
<!-- WS-Security interceptor for incoming messages. UsernameToken is the only validation
     action listed: no Timestamp or Signature action is configured, so message freshness
     and integrity are not checked by this bean.
     NOTE(review): the validationActions value ends with a space; presumably harmless,
     but confirm the action list is parsed as intended. -->
<bean id="wssecurity"
class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="validationActions" value="UsernameToken " />
<property name="validationCallbackHandler" ref="springSecurityHandler" />
</bean>
<!-- Validates plain-text UsernameToken passwords by delegating to the referenced
     authentication manager. The password travels unprotected inside the SOAP header,
     so the endpoint should only be reachable over an encrypted transport (TLS). -->
<bean id="springSecurityHandler"
class="org.springframework.ws.soap.security.wss4j.callback.SpringPlainTextPasswordValidationCallbackHandler">
<property name="authenticationManager" ref="authenticationManager52n" />
</bean>
<!-- Authentication manager with a single provider. AuthServiceImpl is presumably the
     AuthenticationProvider from the code snippet above (confirm); loginConfig points it
     at the JAAS login configuration file under WEB-INF. -->
<bean id="authenticationManager52n" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<bean class="AuthServiceImpl">
<property name="loginConfig">
<value>/WEB-INF/login.conf</value>
</property>
</bean>
</property>
</bean>