Skip to main content

(auth) callback handler for 100 users

6 replies [Last post]
Anonymous

Hi,

i've a question regarding callback handler.

If i have a WS client which is acting in the name of 100 users, how can
the username or password callback work?

I mean, how does the callback know which name or password needs to be
set? The one of user1 or of user 100?

One possibility is to store the crendentials to a TheadLocal object. The
callback handler can fetch it from there.

But this needs the "one thread for every user" strategy? If i can't use
this strategy, how can i solve the problem? Any great (and simple?) ideas?

Cheers,

Ingo

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
For additional commands, e-mail: users-help@metro.dev.java.net

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Ingo Siebert

Hi Kumarjayanti

> Does your client code know which user it is at any given time ?. If so then you can do the following :

This is my question. How does my (name/password) callback class know the
"current" user who executes the request?

Cheers,

Ingo

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
For additional commands, e-mail: users-help@metro.dev.java.net

kumarjayanti
Offline
Joined: 2003-12-10
Points: 0

I am not sure i understand the question.

But the name/password callbacks never know the current user. It is the code which calls the name/password callbacks that needs to know who the current user is.

Application code is really being split into two.

1. One part where the WebService Client Proxy is created and a method is invoked on it
2. The Username and Password CallbackHandler classes which are called by the WSIT runtime.

Now if you are aware of who the current user is in part 1 above then, you can remove the CallbackHandler's completely and set the properties i mentioned earlier.

Ingo Siebert

Thanks for your answers Kumarjayanti.

But your idea only works, if two requests by different users are never
made at the same time. This assumption isn't true in many cases.

Do you agree?

Ingo

metro@javadesktop.org schrieb:
> I am not sure i understand the question.
>
> But the name/password callbacks never know the current user. It is the code which calls the name/password callbacks that needs to know who the current user is.
>
> Application code is really being split into two.
>
> 1. One part where the WebService Client Proxy is created and a method is invoked on it
> 2. The Username and Password CallbackHandler classes which are called by the WSIT runtime.
>
> Now if you are aware of who the current user is in part 1 above then, you can remove the CallbackHandler's completely and set the properties i mentioned earlier.
> [Message sent by forum member 'kumarjayanti' (kumarjayanti)]
>
> http://forums.java.net/jive/thread.jspa?messageID=258666
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
> For additional commands, e-mail: users-help@metro.dev.java.net
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
For additional commands, e-mail: users-help@metro.dev.java.net

kumarjayanti
Offline
Joined: 2003-12-10
Points: 0

I agree that different users can make requests in parallel, but then if each user has its own proxy instance things will still work fine.

If you have a single proxy instance and intend to use that from multiple threads in parallel then since the CBH is a single instance per-proxy there will be a mixup.

I am still not clear if you are hinting at a Problem in WSIT. Are you using WSIT/Metro or are you using XWSS 2.0 style security and callbackhandlers.

If you think there is a missing functionality can you file an RFE with appropriate description.

kumarjayanti
Offline
Joined: 2003-12-10
Points: 0

So are you saying there is a single WebService Client Proxy instance that is acting on behalf of 100 users ?.

Does your client code know which user it is at any given time ?. If so then you can do the following :

In the WebService Client code add the following line(s) before invoking the method on the Proxy.

import com.sun.xml.wss.XWSSConstants;

((BindingProvider)port).getRequestContext().put(XWSSConstants.USERNAME_PROPERTY, usernameX); ((BindingProvider)port).getRequestContext().put(XWSSConstants.PASSWORD_PROPERTY, passwordX);

And once you use this, you need to remove the CallbackHandler Configuration from the wsit-client.xml.

kumarjayanti
Offline
Joined: 2003-12-10
Points: 0

you will need to download latest nightly if you want to use this.

With older nightlies you can set BindingProvider.USERNAME_PROPERTY and PASSWORD_PROPERTY, but we intend to deprecate the use of these properties for WS-Security (because they were not meant to be used for WS-Security, and seem to cause side-effect of double authentication on some containers).