You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Andreas Røsdal <an...@gmail.com> on 2019/01/12 18:05:56 UTC
Authenticate to SOAP service using username and empty password using
Apache CXF
Hello!
I would like to connect and authenticate to a SOAP service using Apache
CXF. I should authenticate with a known username and the password should be
empty.
I am using code which is similar to this example:
https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/ws_security/ut/src/main/java/demo/wssec/client/Client.java
I have managed to connect to the SOAP service using SOAP UI. However, when
I try to connect using Apache CXF, I get various Exeptions in Apache CXF
about missing password.
So, how do I authenticate to a SOAP service using Apache CXF with a known
username and an empty password? Is there some example code i could use?
Should I provice a passwordCallbackClass when there is no password?
This is my SOAP request from SOAP UI:
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:prov="http://provisioning.ssss.net/ovisioninggateway/"
xmlns:vis="http://schemas.datacontract.org/2004/07/sdsdsdsd.Proddfsioning.ProvisioningGaay.API"
xmlns:arr="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1">
<wsse:Username>fooo</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"></wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
Re: Authenticate to SOAP service using username and empty password
using Apache CXF
Posted by Colm O hEigeartaigh <co...@apache.org>.
You could write a CallbackHandler to return an empty password for the user
in question.
Bear in mind that authentication does not mean much if you are specifying
an empty password :-)
Colm.
On Sat, Jan 12, 2019 at 6:06 PM Andreas Røsdal <an...@gmail.com>
wrote:
> Hello!
>
> I would like to connect and authenticate to a SOAP service using Apache
> CXF. I should authenticate with a known username and the password should be
> empty.
>
> I am using code which is similar to this example:
>
> https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/ws_security/ut/src/main/java/demo/wssec/client/Client.java
>
> I have managed to connect to the SOAP service using SOAP UI. However, when
> I try to connect using Apache CXF, I get various Exeptions in Apache CXF
> about missing password.
>
> So, how do I authenticate to a SOAP service using Apache CXF with a known
> username and an empty password? Is there some example code i could use?
> Should I provice a passwordCallbackClass when there is no password?
>
> This is my SOAP request from SOAP UI:
>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:prov="http://provisioning.ssss.net/ovisioninggateway/"
> xmlns:vis="
> http://schemas.datacontract.org/2004/07/sdsdsdsd.Proddfsioning.ProvisioningGaay.API
> "
> xmlns:arr="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
> <soapenv:Header>
> <wsse:Security xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> soapenv:mustUnderstand="1">
> <wsse:UsernameToken
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="UsernameToken-1">
> <wsse:Username>fooo</wsse:Username>
> <wsse:Password Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> "></wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
>
>
> <soapenv:Body>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com