Link between HTTP Session User and WS-Security CallBackHandler

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Link between HTTP Session User and WS-Security CallBackHandler

Jérôme Blanchard
Hi,

I'm trying to propagate the Web Application Authentication (HTTP-Basic)
stored in the Http Session to a SOAP Web Service Client which should use
UserNameToken Authentication (with symetric key).

I want to inject the authenticated user in the http session into the
SOAP request usertoken generation but, using a CallbackHandler, it is
not possible to retreive informations about Http Session...

Is there is a way to integrate WS-Security of Metro allowing to use Web
Tier authentication information (principal) to inject into SOAP Client
Request ?

Thanks, Jérôme.