I am trying to implement a Security Token Service (server side) with a requested UsernameToken, and my service should respond with a token that is generated by CXF. I use Java, Spring Boot and a Java-based configuration.
I have some problems implementing a custom token provider and using the default token store from CXF.
My custom SCTProvider:
    public class BiPROTokenProvider extends SCTProvider {
        private static final String WSC_IDENTIFIER = "wsc:Identifier";
        private static final String BIPRO_PRAEFIX = "bipro:";

        @Override
        public TokenProviderResponse createToken(TokenProviderParameters tokenParameters) {
            TokenProviderResponse response = super.createToken(tokenParameters);
            String biproId = BIPRO_PRAEFIX + response.getTokenId().split(":")[1];
            //NodeList identifier = ((Element) response.getToken()).getElementsByTagName(WSC_IDENTIFIER);
            //identifier.item(0).setTextContent(biproId);
            //Element identifier = response.getTokenId().getElementsByTagName(WSC_IDENTIFIER);
            //super.createToken(tokenParameters).setTokenId(biproId);
            response.setTokenId(biproId);
            return response;
        }
    }
My first problem is that I do not know where I should include my custom SCT provider. Is it possible to do it at my endpoint publish?
    @Bean
    public Endpoint endpoint() {
        EndpointImpl endpoint = new EndpointImpl(springBus(), securityTokenServicePortType());
        endpoint.setServiceName(securityTokenService26010().getServiceName());
        endpoint.setWsdlLocation(securityTokenService26010().getWSDLDocumentLocation().toString());
        endpoint.publish("/SecurityTokenService-2.6.0.1.0");
        endpoint.getOutFaultInterceptors().add(soapInterceptor());
        return endpoint;
    }

    @Bean
    public DefaultInMemoryTokenStore defaulttokenStore() {
        return new DefaultInMemoryTokenStore();
    }

    @Bean
    SCTProvider customSCTProvider() {
        return new BiPROTokenProvider();
    }
Second problem: I want to store my generated token in a default token store from CXF. I read something about a token store: http://cxf.apache.org/docs/ws-securitypolicy.html. In my opinion I have to include the token store in the endpoint properties of the service implementation.
    @WebService(
        portName = "wst:UserPasswordLogin",
        serviceName = "SecurityTokenService_2.6.0.1.0",
        wsdlLocation = "src/main/resources/wsdl/SecurityTokenService-2.6.0.1.0.wsdl",
        endpointInterface = "net.bipro.namespace.SecurityTokenServicePortType"
    )
    @EndpointProperties({
        @EndpointProperty(key = "ws-security.callback-handler", value = "com.muki.endpoint.STSCallbackHandler"),
        //@EndpointProperty(key = "ws-security.add.inclusive.prefixes", value = "false"),
        @EndpointProperty(key = "org.apache.cxf.ws.security.tokenstore.TokenStore", value = "TOKEN_STORE_CACHE_INSTANCE"),
    })
    public class SecurityTokenEndpoint implements SecurityTokenServicePortType {
        ...
    }
But if I include the tokenstore via the endpoint properties, I receive the following error.
    <faultstring>java.lang.String cannot be cast to org.apache.cxf.ws.security.tokenstore.TokenStore</faultstring>
Can anybody help with how I include a token store and my custom SCT provider?
I had a similar issue, but I use XML configuration. Instead of value I used value-ref and passed a bean there:
    <jaxws:endpoint
        id="endpointId"
        address="/foo/bar"
        ...
        serviceName="ns1:ServiceName">
        <jaxws:properties>
            ...
            <entry key="org.apache.cxf.ws.security.tokenstore.TokenStore" value-ref="tokenStore" />
        </jaxws:properties>
    </jaxws:endpoint>
    <bean id="tokenStore" class="org.apache.cxf.ws.security.tokenstore.MemoryTokenStore"/>
The error was gone, but it wasn't working correctly: the TokenStore wasn't set. So I tried another approach. Instead of editing the endpoint, I added that entry to the bus config:
    <cxf:bus>
        <cxf:properties>
            <entry key="org.apache.cxf.ws.security.tokenstore.TokenStore" value-ref="tokenStore" />
        </cxf:properties>
    </cxf:bus>
    <bean id="tokenStore" class="org.apache.cxf.ws.security.tokenstore.MemoryTokenStore"/>
As for your question, I believe your syntax would look like:
    @EndpointProperty(key = "org.apache.cxf.ws.security.tokenstore.TokenStore", ref="bean-name")
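
The bus-level registration from the answer above, written as the Java-based Spring configuration the question uses. This is an added example, not code from the question or the answer; the class name `TokenStoreConfig` and the `requireTokenStore` check are assumptions, and it presumes this configuration class is the one that defines the `springBus` bean.

```java
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBus;
import org.apache.cxf.ws.security.tokenstore.MemoryTokenStore;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TokenStoreConfig { // hypothetical class name

    // Property key exactly as it appears in the question and the answer.
    static final String TOKEN_STORE_KEY =
            "org.apache.cxf.ws.security.tokenstore.TokenStore";

    @Bean
    public TokenStore tokenStore() {
        // Same implementation class as the answer's <bean id="tokenStore">.
        return new MemoryTokenStore();
    }

    @Bean(name = Bus.DEFAULT_BUS_ID)
    public SpringBus springBus(TokenStore tokenStore) {
        SpringBus bus = new SpringBus();
        // Register the TokenStore object itself. An annotation "value" can
        // only carry a String, which is what produces the
        // "java.lang.String cannot be cast to ...TokenStore" fault.
        bus.setProperty(TOKEN_STORE_KEY, tokenStore);
        requireTokenStore(bus);
        return bus;
    }

    // Fail at startup rather than on the first request if the property
    // holds anything other than a TokenStore instance.
    static void requireTokenStore(Bus bus) {
        Object configured = bus.getProperty(TOKEN_STORE_KEY);
        if (!(configured instanceof TokenStore)) {
            throw new IllegalStateException(TOKEN_STORE_KEY
                    + " must be a TokenStore instance, found: "
                    + (configured == null ? "null" : configured.getClass().getName()));
        }
    }
}
```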