Reputation: 49
Need secure header code in java
I need to access the secure webservice. I need to pass the secure header in the soap request.Please help me to provide the custom secure header code in java.
Requirement:
<soapenv:Header>
<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
<wsse:UsernameToken xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<wsse:Username>XYZ</wsse:Username>
<wsse:Password Type="wsse:PasswordText">security</wsse:Password>
</wsse:UsernameToken>
i Appreciate if any one help me on this.`
Upvotes: 1
Views: 12239
Answers (3)
Reputation: 346
Seems pretty clear that you want to add a UsernameToken security header. There are at least a couple of different ways of doing this. If you have a WSDL service definition which includes the WS-SecurityPolicy component you can just set the appropriate properties to define the username and password values, as shown in this article
If you want to set this up directly (without using a policy), you can do so in your client code. Here's a sample of how this would work:`
// create the client stub
MyService service = new MyService();
MyServicePort stub = service.getMyServicePort();
// configure UsernameToken security handling
Map<String, Object> props = new HashMap<String, Object>();
props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
props.put(WSHandlerConstants.USER, "XYZ");
props.put(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(props);
Client client = ClientProxy.getClient(stub);
client.getOutInterceptors().add(wssOut);
...
/**
* Callback for password used by WS-Security UsernameToken.
*/
public static class PasswordHandler implements CallbackHandler
{
public void handle(Callback[] callbacks) {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
pc.setPassword("security");
}
}
}
`
Upvotes: 3
Reputation: 49
thanks you for your support. I used the following code for secure header , it is working fine for me.
SOAPHeaderElement wsseSecurity = new SOAPHeaderElement(new PrefixedQName("http://schemas.xmlsoap.org/ws/2002/07/secext","Security", "wsse"));
wsseSecurity.setMustUnderstand(false);
wsseSecurity.setActor(null);
SOAPElement sub = wsseSecurity.addChildElement("UsernameToken");
sub.setAttribute("xmlns:wsu", "http://schemas.xmlsoap.org/ws/2002/07/utility");
SOAPElement userElement = sub.addChildElement("Username");
userElement.addTextNode("XYZ");
SOAPElement pwdElement = sub.addChildElement("Password");
pwdElement.setAttribute("Type", "wsse:PasswordText");
pwdElement.addTextNode("security");
_stub.setHeader(wsseSecurity);
Upvotes: 2
Reputation: 7284
Your question is not clear!
Take a look at the article and this topic.
BTW
If you mean having security on transport level protocols like HTTPS , you may see Apache CXF SSl support.
If you mean WS-Security above and beyond transport level protocols, such as XML-Encryption or X509 you may see Apache CXF WS-Security
Upvotes: 1
Related Questions
- JAX-WS - Adding SOAP Headers
- How to generate java classes for secured(https) soap web service using Apache cxf
- How to add soap header in java
- SOAP security header with UsernameToken and SecurityContextToken - CXF
- cxf security headers for client using java
- how to add security header in jax-ws request
- Adding security headers to request in CXF
- Adding HTTP headers from the CXF service implementation
- How to add SOAP Security Header (UsernameToken) information to code-first Webservice Generated WSDL
- SOAP web-services with security header