AnsweredAssumed Answered

Replacing AuthenticationUtils

Question asked by dschmalz on Jul 3, 2006
Hi,

I'm wondering why the org/alfresco/webservice/util/WebServiceFactory class has hard-coded links to the AuthenticationUtils class. I was trying to write a slightly different class that would perform the authentication and was ending up with the following error:


AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: WSDoAllSender: password callback class provided null or empty password
faultActor:
faultNode:
faultDetail:
   {http://xml.apache.org/axis/}stackTrace:WSDoAllSender: password callback class provided null or empty password
   at org.apache.ws.axis.security.WSDoAllSender.getPassword(WSDoAllSender.java:861)
   at org.apache.ws.axis.security.WSDoAllSender.performUTAction(WSDoAllSender.java:465)
   at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:314)
   at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
   at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
   at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
   at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
   at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
   at org.apache.axis.client.Call.invoke(Call.java:2767)
   at org.apache.axis.client.Call.invoke(Call.java:2443)
   at org.apache.axis.client.Call.invoke(Call.java:2366)
   at org.apache.axis.client.Call.invoke(Call.java:1812)
   at org.alfresco.webservice.repository.RepositoryServiceSoapBindingStub.query(RepositoryServiceSoapBindingStub.java:774)
[…]

   {http://xml.apache.org/axis/}hostname:localhost

WSDoAllSender: password callback class provided null or empty password
   at org.apache.ws.axis.security.WSDoAllSender.getPassword(WSDoAllSender.java:861)
   at org.apache.ws.axis.security.WSDoAllSender.performUTAction(WSDoAllSender.java:465)
   at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:314)
   at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
   at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
   at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
   at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
   at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
   at org.apache.axis.client.Call.invoke(Call.java:2767)
   at org.apache.axis.client.Call.invoke(Call.java:2443)
   at org.apache.axis.client.Call.invoke(Call.java:2366)
   at org.apache.axis.client.Call.invoke(Call.java:1812)
   at org.alfresco.webservice.repository.RepositoryServiceSoapBindingStub.query(RepositoryServiceSoapBindingStub.java:774)
[…]

It seems that if one uses another class for performing authentication, the rest of the code (i.e. the WebServiceFactory) still tries to look for the password (ticket) in the AuthenticationUtils class. The AuthenticationUtils class having of course no reference to the ticket returns <null> or <empty> and the above exception occurs.

It would be nice to externalize the authentication component with properties or proper Spring beans instead of having hard-coded references. Am I correct or was it done on purpose?

Thanks,
David

Outcomes