Hello,
I have a Spring-WS service using PayloadRootAnnotationMethodEndpointMapping that has several interceptors:
<bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
<property name="interceptors">
<list>
<ref local="loggingInterceptor"/>
<ref local="validatingInterceptor"/>
<ref local="securityInterceptor"/>
</list>
</property>
</bean>
My securityIntercetor is a Wss4jSecurityInterceptor interceptor.
Everything works fine, except that the securityIntercetor is at the @Endpoint level, I want it to be at the @PayloadRoot (operation).
The way I authenticate users is using UsernameToken, then I go against LDAP and get the roles and depending on the role I want to allow/prohibit the user to execute an operation.
I assume there isn't a out of the box solution for this.
So my question is: how in the securityIntercetor can I get what operation is being called so I can check depending on my settings to allow or not the execution of a specific operation.
Or maybe you have other ideas.
Thanks.