You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by brianfm <bf...@gmail.com> on 2009/01/24 15:12:16 UTC
setting username/password in soap header programmatically
Hi,
My application requires that I programmatically set a username and password
into the ws-security standard locations in the soap header. Note that I do
not want to configure Rampart athentication because authentication logic
will be fully proprietery in the server.
I intend to just retrieve the usename/password from soap header
programmtically from server and then authenticate.
thanks,
Brian
--
View this message in context: http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21641020.html
Sent from the Axis - User mailing list archive at Nabble.com.
Re: setting username/password in soap header programmatically
Posted by Sameera Jayasoma <sa...@gmail.com>.
Hi,
One solution would be to engage Rampart at the client side and attach a
username token to your soap message. Other solution would be to add custom
headers to your SOAP message. Following article may help you to add custom
headers to a SOAP message.
https://wso2.org/library/3156
On Sat, Jan 24, 2009 at 7:42 PM, brianfm <bf...@gmail.com> wrote:
>
> Hi,
>
> My application requires that I programmatically set a username and password
> into the ws-security standard locations in the soap header. Note that I do
> not want to configure Rampart athentication because authentication logic
> will be fully proprietery in the server.
> I intend to just retrieve the usename/password from soap header
> programmtically from server and then authenticate.
>
> thanks,
>
> Brian
> --
> View this message in context:
> http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21641020.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
--
Sameera Jayasoma
Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://tech.jayasoma.org
Re: setting username/password in soap header programmatically
Posted by brianfm <bf...@gmail.com>.
Hey,
I think i can do this using the code below. which will go into an outflow
handler.
Question now, is how to programmatically add an outflow handler:
mport org.apache.axis.AxisFault;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.axis.message.SOAPHeaderElement;
import org.apache.axis.session.Session;
import org.apache.axis.transport.http.HTTPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecUsernameToken;
import org.w3c.dom.Document;
public class RequestHandler extends BasicHandler {
public void invoke(MessageContext messageContext) throws AxisFault {
MessageContext currContext = messageContext.getCurrentContext();
Message message = currContext .getRequestMessage();
SOAPEnvelope envelope = message.getSOAPEnvelope();
try {
Document doc = envelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader("",false);
secHeader.insertSecurityHeader(doc);
String username = "user1";
String password = "password";
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo(username, password);
builder.prepare(doc);
builder.appendToHeader(secHeader);
envelope.addHeader(new
SOAPHeaderElement(secHeader.getSecurityHeader()));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
brianfm wrote:
>
> Hi,
>
> My application requires that I programmatically set a username and
> password into the ws-security standard locations in the soap header. Note
> that I do not want to configure Rampart athentication because
> authentication logic will be fully proprietery in the server.
> I intend to just retrieve the usename/password from soap header
> programmtically from server and then authenticate.
>
> thanks,
>
> Brian
>
--
View this message in context: http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21691330.html
Sent from the Axis - User mailing list archive at Nabble.com.
AW: AW: setting username/password in soap header programmatically
Posted by Mario-Leander Reimer <le...@vva-networks.de>.
Hi,
then your example with the PingServiceLocator and the PingPort classes confused me.
I also use wsdl2java (well the Maven plugin with wsdl2code goal), and I end up with a couple of classes and interfaces.
For the client code I use the generated class that ends in Stub, so I would expect something like PingServiceStub that extends from org.apache.axis2.client.Stub and implements PingService
Maybe the names are a little different.
Then construct a org.apache.axis2.context.ConfigurationContext instance using
ConfigurationContext context = ConfigurationContextFactory
.createConfigurationContextFromFileSystem(this.axis2repo,
this.axis2xml);
The parameters are the location of the axis2repo (where your modules are) and the axis2xml parameter sets the location of the "client" axis2.xml (well, I just use a customized axis2.xml for my client). The most important changes for my service and client are
<module ref="rampart"/>
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
<!-- for encrypted passwords
<passwordType>PasswordDigest</passwordType>
-->
<addUTElements>Nonce Created</addUTElements>
<!-- if you want to set it in the config statically
<user>username</user>
<passwordCallbackClass>OutflowSecurityCallbackHandler</passwordCallbackClass>
-->
</action>
</parameter>
Then construct the service stub with the context
this.serviceStub = new PingServiceStub(context, "enter service URL here");
Then get the service options
org.apache.axis2.client.Options options = this.serviceStub
._getServiceClient().getOptions();
And set the security options programmatically as previously posted, e.g.
options.setProperty(WSHandlerConstants.USER, this.user);
OutflowSecurityCallbackHandler cbh = new OutflowSecurityCallbackHandler();
options.setProperty(WSHandlerConstants.PW_CALLBACK_REF, cbh);
That should do it. Obviously your service also needs to have the proper Rampart and InflowSecurity parameter configuration in its service.xml or the server side axis2.xml.
BR,
Leander
> -----Ursprüngliche Nachricht-----
> Von: brianfm [mailto:bfmurphy@gmail.com]
> Gesendet: Mittwoch, 28. Januar 2009 10:26
> An: axis-user@ws.apache.org
> Betreff: Re: AW: setting username/password in soap header
> programmatically
>
>
> Hi,
>
> thanks agagin for your reply. I am using Axis2 (with Rampart 1.4) and
> not
> Axis 1.
> I am generating a stub for my client using wsdl2java. I just noticed
> from
> your reply you say to use axis2.xml for the client, where would I
> insert
> this. I have searched the web extensively, there does not seem to be
> any way
> of the client inserting a handler programmatically,
>
> thanks,
>
> Brian
>
> Mario-Leander Reimer wrote:
> >
> > Hi Brain,
> >
> > I just realized that you are using Axis1. Sorry for the
> misunderstanding.
> >
> > The code you had sent will was for Axis2, I have this working under
> Axis2
> > 1.4.1 with Rampart 1.4.
> >
> > Unfortunately I have no experience with Axis1 so I can't help you any
> > further.
> >
> > Regards,
> > Leander
> >
> >
> >
> >> -----Ursprüngliche Nachricht-----
> >> Von: brianfm [mailto:bfmurphy@gmail.com]
> >> Gesendet: Dienstag, 27. Januar 2009 18:18
> >> An: axis-user@ws.apache.org
> >> Betreff: Re: setting username/password in soap header
> programmatically
> >>
> >>
> >> Hi,
> >>
> >> thanks to everyone again who has replied.
> >> I would prefer not to add custom headers to the soap message, i want
> to
> >> use
> >> the ws-security usernametoken.
> >> Thanks Leander for your response, but that approach did not work.
> >> In the wss4j documentation, is the following code snippit.
> >> Unfortunately, it is not clear on which object the _setPropery in on
> -
> >> its
> >> is not on any generation code from wsdl2java or in the apit:
> >>
> >> PingServiceLocator service = new PingServiceLocator();
> >> ...
> >> PingPort port = (PingPort) service.getPing1();
> >> port._setProperty(UsernameToken.PASSWORD_TYPE,
> >> WSConstants.PASSWORD_TEXT);
> >> port._setProperty(WSHandlerConstants.USER, "werner");
> >>
> >> This is from the package description of org.apache.ws.axis.security.
> >>
> >> I had success with the following approach , but all these classes
> are
> >> deprecated, and no alternative is suggested in the api.
> >>
> >> OutflowConfiguration outflowConfig = new
> >> OutflowConfiguration();
> >>
> >>
> >> outflowConfig.setActionItems("UsernameToken");
> >>
> >>
> >> outflowConfig.setUser("bob");
> >>
> >>
> >>
> outflowConfig.setPasswordCallbackClass("test1.security.PWCBClientHandle
> >> r");
> >>
> >>
> >>
> axisstub._getServiceClient().getOptions().setProperty(WSSHandlerConstan
> >> ts.OUTFLOW_SECURITY,
> >>
> >>
> >> outflowConfig.getProperty());
> >>
> >> I am trying to attempt something basic here, unfortunately the api
> doc
> >> is
> >> quite poor.
> >> Any ideas?
> >>
> >> Brian
> >>
> >> brianfm wrote:
> >> >
> >> > Hi,
> >> >
> >> > My application requires that I programmatically set a username and
> >> > password into the ws-security standard locations in the soap
> header.
> >> Note
> >> > that I do not want to configure Rampart athentication because
> >> > authentication logic will be fully proprietery in the server.
> >> > I intend to just retrieve the usename/password from soap header
> >> > programmtically from server and then authenticate.
> >> >
> >> > thanks,
> >> >
> >> > Brian
> >> >
> >>
> >> --
> >> View this message in context: http://www.nabble.com/setting-
> username-
> >> password-in-soap-header-programmatically-tp21641020p21689872.html
> >> Sent from the Axis - User mailing list archive at Nabble.com.
> >
> >
> > VVA Networks GmbH
> >
> > Mario-Leander Reimer
> > Dipl.-Inf. (FH)
> > Teamleitung Publishing Solutions
> > ---------------------------------------------------------------------
> ------
> > VVA Networks GmbH
> > : medien mit zukunft
> > Geisenhausenerstraße 15-17
> > 81379 München
> > Deutschland
> > ---------------------------------------------------------------------
> ------
> > Fon: +49 89 2000375-610
> > Fax: +49 89 2000375-699
> > Mobil: +49 173 5883541
> > ---------------------------------------------------------------------
> ------
> > leander.reimer@vva-networks.de
> > www.vva-networks.de
> >
> > ---------------------------------------------------------------------
> --
> > HRB 33884 Düsseldorf
> > Geschäftsführer Rolf Christian Kassel
> > ---------------------------------------------------------------------
> --
> > Ein Unternehmen der VVA Kommunikation
> > http://www.vva.de
> > ---------------------------------------------------------------------
> --
> > omnisuite® - integrate. automate. communicate.
> > http://www.omnisuite.de
> > ---------------------------------------------------------------------
> --
> >
> > Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf
> > ausschließlich durch den vorgesehenen Empfänger und Adressaten
> gelesen,
> > kopiert oder genutzt werden. Sollten Sie diese Nachricht
> versehentlich
> > erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail)
> hiervon
> > unverzüglich zu informieren und die Nachricht zu löschen. Jede
> unerlaubte
> > Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es
> vollständig
> > oder teilweise, ist unzulässig.
> >
> > This message (including any attachments) is confidential and may be
> > privileged. It may be read, copied and used only by the intended
> > recipient.
> > If you have received it in error please contact the sender (by return
> > E-Mail) immediately and delete this message. Any unauthorised use or
> > dissemination of this message in whole or in part is strictly
> prohibited.
> >
> >
>
> --
> View this message in context: http://www.nabble.com/setting-username-
> password-in-soap-header-programmatically-tp21641020p21702411.html
> Sent from the Axis - User mailing list archive at Nabble.com.
Re: AW: setting username/password in soap header programmatically
Posted by brianfm <bf...@gmail.com>.
Hi,
thanks agagin for your reply. I am using Axis2 (with Rampart 1.4) and not
Axis 1.
I am generating a stub for my client using wsdl2java. I just noticed from
your reply you say to use axis2.xml for the client, where would I insert
this. I have searched the web extensively, there does not seem to be any way
of the client inserting a handler programmatically,
thanks,
Brian
Mario-Leander Reimer wrote:
>
> Hi Brain,
>
> I just realized that you are using Axis1. Sorry for the misunderstanding.
>
> The code you had sent will was for Axis2, I have this working under Axis2
> 1.4.1 with Rampart 1.4.
>
> Unfortunately I have no experience with Axis1 so I can't help you any
> further.
>
> Regards,
> Leander
>
>
>
>> -----Ursprüngliche Nachricht-----
>> Von: brianfm [mailto:bfmurphy@gmail.com]
>> Gesendet: Dienstag, 27. Januar 2009 18:18
>> An: axis-user@ws.apache.org
>> Betreff: Re: setting username/password in soap header programmatically
>>
>>
>> Hi,
>>
>> thanks to everyone again who has replied.
>> I would prefer not to add custom headers to the soap message, i want to
>> use
>> the ws-security usernametoken.
>> Thanks Leander for your response, but that approach did not work.
>> In the wss4j documentation, is the following code snippit.
>> Unfortunately, it is not clear on which object the _setPropery in on -
>> its
>> is not on any generation code from wsdl2java or in the apit:
>>
>> PingServiceLocator service = new PingServiceLocator();
>> ...
>> PingPort port = (PingPort) service.getPing1();
>> port._setProperty(UsernameToken.PASSWORD_TYPE,
>> WSConstants.PASSWORD_TEXT);
>> port._setProperty(WSHandlerConstants.USER, "werner");
>>
>> This is from the package description of org.apache.ws.axis.security.
>>
>> I had success with the following approach , but all these classes are
>> deprecated, and no alternative is suggested in the api.
>>
>> OutflowConfiguration outflowConfig = new
>> OutflowConfiguration();
>>
>>
>> outflowConfig.setActionItems("UsernameToken");
>>
>>
>> outflowConfig.setUser("bob");
>>
>>
>> outflowConfig.setPasswordCallbackClass("test1.security.PWCBClientHandle
>> r");
>>
>>
>> axisstub._getServiceClient().getOptions().setProperty(WSSHandlerConstan
>> ts.OUTFLOW_SECURITY,
>>
>>
>> outflowConfig.getProperty());
>>
>> I am trying to attempt something basic here, unfortunately the api doc
>> is
>> quite poor.
>> Any ideas?
>>
>> Brian
>>
>> brianfm wrote:
>> >
>> > Hi,
>> >
>> > My application requires that I programmatically set a username and
>> > password into the ws-security standard locations in the soap header.
>> Note
>> > that I do not want to configure Rampart athentication because
>> > authentication logic will be fully proprietery in the server.
>> > I intend to just retrieve the usename/password from soap header
>> > programmtically from server and then authenticate.
>> >
>> > thanks,
>> >
>> > Brian
>> >
>>
>> --
>> View this message in context: http://www.nabble.com/setting-username-
>> password-in-soap-header-programmatically-tp21641020p21689872.html
>> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> VVA Networks GmbH
>
> Mario-Leander Reimer
> Dipl.-Inf. (FH)
> Teamleitung Publishing Solutions
> ---------------------------------------------------------------------------
> VVA Networks GmbH
> : medien mit zukunft
> Geisenhausenerstraße 15-17
> 81379 München
> Deutschland
> ---------------------------------------------------------------------------
> Fon: +49 89 2000375-610
> Fax: +49 89 2000375-699
> Mobil: +49 173 5883541
> ---------------------------------------------------------------------------
> leander.reimer@vva-networks.de
> www.vva-networks.de
>
> -----------------------------------------------------------------------
> HRB 33884 Düsseldorf
> Geschäftsführer Rolf Christian Kassel
> -----------------------------------------------------------------------
> Ein Unternehmen der VVA Kommunikation
> http://www.vva.de
> -----------------------------------------------------------------------
> omnisuite® - integrate. automate. communicate.
> http://www.omnisuite.de
> -----------------------------------------------------------------------
>
> Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf
> ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen,
> kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich
> erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon
> unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte
> Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig
> oder teilweise, ist unzulässig.
>
> This message (including any attachments) is confidential and may be
> privileged. It may be read, copied and used only by the intended
> recipient.
> If you have received it in error please contact the sender (by return
> E-Mail) immediately and delete this message. Any unauthorised use or
> dissemination of this message in whole or in part is strictly prohibited.
>
>
--
View this message in context: http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21702411.html
Sent from the Axis - User mailing list archive at Nabble.com.
AW: setting username/password in soap header programmatically
Posted by Mario-Leander Reimer <le...@vva-networks.de>.
Hi Brain,
I just realized that you are using Axis1. Sorry for the misunderstanding.
The code you had sent will was for Axis2, I have this working under Axis2 1.4.1 with Rampart 1.4.
Unfortunately I have no experience with Axis1 so I can't help you any further.
Regards,
Leander
> -----Ursprüngliche Nachricht-----
> Von: brianfm [mailto:bfmurphy@gmail.com]
> Gesendet: Dienstag, 27. Januar 2009 18:18
> An: axis-user@ws.apache.org
> Betreff: Re: setting username/password in soap header programmatically
>
>
> Hi,
>
> thanks to everyone again who has replied.
> I would prefer not to add custom headers to the soap message, i want to
> use
> the ws-security usernametoken.
> Thanks Leander for your response, but that approach did not work.
> In the wss4j documentation, is the following code snippit.
> Unfortunately, it is not clear on which object the _setPropery in on -
> its
> is not on any generation code from wsdl2java or in the apit:
>
> PingServiceLocator service = new PingServiceLocator();
> ...
> PingPort port = (PingPort) service.getPing1();
> port._setProperty(UsernameToken.PASSWORD_TYPE,
> WSConstants.PASSWORD_TEXT);
> port._setProperty(WSHandlerConstants.USER, "werner");
>
> This is from the package description of org.apache.ws.axis.security.
>
> I had success with the following approach , but all these classes are
> deprecated, and no alternative is suggested in the api.
>
> OutflowConfiguration outflowConfig = new
> OutflowConfiguration();
>
>
> outflowConfig.setActionItems("UsernameToken");
>
>
> outflowConfig.setUser("bob");
>
>
> outflowConfig.setPasswordCallbackClass("test1.security.PWCBClientHandle
> r");
>
>
> axisstub._getServiceClient().getOptions().setProperty(WSSHandlerConstan
> ts.OUTFLOW_SECURITY,
>
>
> outflowConfig.getProperty());
>
> I am trying to attempt something basic here, unfortunately the api doc
> is
> quite poor.
> Any ideas?
>
> Brian
>
> brianfm wrote:
> >
> > Hi,
> >
> > My application requires that I programmatically set a username and
> > password into the ws-security standard locations in the soap header.
> Note
> > that I do not want to configure Rampart athentication because
> > authentication logic will be fully proprietery in the server.
> > I intend to just retrieve the usename/password from soap header
> > programmtically from server and then authenticate.
> >
> > thanks,
> >
> > Brian
> >
>
> --
> View this message in context: http://www.nabble.com/setting-username-
> password-in-soap-header-programmatically-tp21641020p21689872.html
> Sent from the Axis - User mailing list archive at Nabble.com.
VVA Networks GmbH
Mario-Leander Reimer
Dipl.-Inf. (FH)
Teamleitung Publishing Solutions
---------------------------------------------------------------------------
VVA Networks GmbH
: medien mit zukunft
Geisenhausenerstraße 15-17
81379 München
Deutschland
---------------------------------------------------------------------------
Fon: +49 89 2000375-610
Fax: +49 89 2000375-699
Mobil: +49 173 5883541
---------------------------------------------------------------------------
leander.reimer@vva-networks.de
www.vva-networks.de
-----------------------------------------------------------------------
HRB 33884 Düsseldorf
Geschäftsführer Rolf Christian Kassel
-----------------------------------------------------------------------
Ein Unternehmen der VVA Kommunikation
http://www.vva.de
-----------------------------------------------------------------------
omnisuite® - integrate. automate. communicate.
http://www.omnisuite.de
-----------------------------------------------------------------------
Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf
ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen,
kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich
erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon
unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte
Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig
oder teilweise, ist unzulässig.
This message (including any attachments) is confidential and may be
privileged. It may be read, copied and used only by the intended recipient.
If you have received it in error please contact the sender (by return
E-Mail) immediately and delete this message. Any unauthorised use or
dissemination of this message in whole or in part is strictly prohibited.
Re: setting username/password in soap header programmatically
Posted by brianfm <bf...@gmail.com>.
Hi,
thanks to everyone again who has replied.
I would prefer not to add custom headers to the soap message, i want to use
the ws-security usernametoken.
Thanks Leander for your response, but that approach did not work.
In the wss4j documentation, is the following code snippit.
Unfortunately, it is not clear on which object the _setPropery in on - its
is not on any generation code from wsdl2java or in the apit:
PingServiceLocator service = new PingServiceLocator();
...
PingPort port = (PingPort) service.getPing1();
port._setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PASSWORD_TEXT);
port._setProperty(WSHandlerConstants.USER, "werner");
This is from the package description of org.apache.ws.axis.security.
I had success with the following approach , but all these classes are
deprecated, and no alternative is suggested in the api.
OutflowConfiguration outflowConfig = new OutflowConfiguration();
outflowConfig.setActionItems("UsernameToken");
outflowConfig.setUser("bob");
outflowConfig.setPasswordCallbackClass("test1.security.PWCBClientHandler");
axisstub._getServiceClient().getOptions().setProperty(WSSHandlerConstants.OUTFLOW_SECURITY,
outflowConfig.getProperty());
I am trying to attempt something basic here, unfortunately the api doc is
quite poor.
Any ideas?
Brian
brianfm wrote:
>
> Hi,
>
> My application requires that I programmatically set a username and
> password into the ws-security standard locations in the soap header. Note
> that I do not want to configure Rampart athentication because
> authentication logic will be fully proprietery in the server.
> I intend to just retrieve the usename/password from soap header
> programmtically from server and then authenticate.
>
> thanks,
>
> Brian
>
--
View this message in context: http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21689872.html
Sent from the Axis - User mailing list archive at Nabble.com.
AW: setting username/password in soap header programmatically
Posted by Mario-Leander Reimer <le...@vva-networks.de>.
Hi,
to set the username and password for the username token programmatically I used the following:
sc.getOptions().setProperty(WSHandlerConstants.USER, "username");
OutflowSecurityCallbackHandler cbh = new OutflowSecurityCallbackHandler(); sc.getOptions().setProperty(WSHandlerConstants.PW_CALLBACK_REF, cbh);
Or
sc.getOptions().setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "classname of callback handler");
In you callback handler implementation you need to set the matching password for the username.
In my axis2.xml for the client I have the OutflowSecurity parameter as follows:
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
<!--
<passwordType>PasswordDigest</passwordType>
<addUTElements>Nonce Created</addUTElements>
-->
</action>
</parameter>
That should do it.
BR,
Leander
> -----Ursprüngliche Nachricht-----
> Von: brianfm [mailto:bfmurphy@gmail.com]
> Gesendet: Montag, 26. Januar 2009 19:30
> An: axis-user@ws.apache.org
> Betreff: Re: setting username/password in soap header programmatically
>
>
> Hi,
>
> thanks for your reply.
> I think I should be more specific about my question.
> I have added the usernametoken to the policy in the services.xml:
>
> <sp:SupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:UsernameToken/>
> </wsp:Policy>
> </sp:SupportingTokens>
>
> This works fine.
> My problem is how to insert the usernametoken into the soap header
> programmatically in the client. Here is my current attempt:
>
> SecureServiceStub stub = new
> SecureServiceStub(ctx,"http://localhost:8079/axis2/services/SecureServi
> ce");
> ServiceClient sc = stub._getServiceClient();
> sc.engageModule("rampart");
> sc.getOptions().setUserName("brian");
> sc.getOptions().setPassword("brianPasswords");
> --- rest of boiler plate code to set up encryption which works fine----
> ----
>
> When i run this client i get the following exception:
> xception in thread "main" org.apache.axis2.AxisFault: UsernameToken
> missing
> in request
> at
> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.jav
> a:512)
>
> So which api calls do i need to make to insert the token into the
> header?
>
> thanks again,
>
> Brian
>
> brianfm wrote:
> >
> > Hi,
> >
> > My application requires that I programmatically set a username and
> > password into the ws-security standard locations in the soap header.
> Note
> > that I do not want to configure Rampart athentication because
> > authentication logic will be fully proprietery in the server.
> > I intend to just retrieve the usename/password from soap header
> > programmtically from server and then authenticate.
> >
> > thanks,
> >
> > Brian
> >
>
> --
> View this message in context: http://www.nabble.com/setting-username-
> password-in-soap-header-programmatically-tp21641020p21670839.html
> Sent from the Axis - User mailing list archive at Nabble.com.
VVA Networks GmbH
Mario-Leander Reimer
Dipl.-Inf. (FH)
Teamleitung Publishing Solutions
---------------------------------------------------------------------------
VVA Networks GmbH
: medien mit zukunft
Geisenhausenerstraße 15-17
81379 München
Deutschland
---------------------------------------------------------------------------
Fon: +49 89 2000375-610
Fax: +49 89 2000375-699
Mobil: +49 173 5883541
---------------------------------------------------------------------------
leander.reimer@vva-networks.de
www.vva-networks.de
-----------------------------------------------------------------------
HRB 33884 Düsseldorf
Geschäftsführer Rolf Christian Kassel
-----------------------------------------------------------------------
Ein Unternehmen der VVA Kommunikation
http://www.vva.de
-----------------------------------------------------------------------
omnisuite® - integrate. automate. communicate.
http://www.omnisuite.de
-----------------------------------------------------------------------
Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf
ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen,
kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich
erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon
unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte
Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig
oder teilweise, ist unzulässig.
This message (including any attachments) is confidential and may be
privileged. It may be read, copied and used only by the intended recipient.
If you have received it in error please contact the sender (by return
E-Mail) immediately and delete this message. Any unauthorised use or
dissemination of this message in whole or in part is strictly prohibited.
Re: setting username/password in soap header programmatically
Posted by Wishing Carebear <wi...@gmail.com>.
Hello Brain:
I'm also planning to do the WS-Security without using the axis2.xml or
services.xml. Need to do it programmitically.
Could you send some snippets how you have done it for encryption and other
security types.
Thanks,
cabear
On Mon, Jan 26, 2009 at 10:30 AM, brianfm <bf...@gmail.com> wrote:
>
> Hi,
>
> thanks for your reply.
> I think I should be more specific about my question.
> I have added the usernametoken to the policy in the services.xml:
>
> <sp:SupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:UsernameToken/>
> </wsp:Policy>
> </sp:SupportingTokens>
>
> This works fine.
> My problem is how to insert the usernametoken into the soap header
> programmatically in the client. Here is my current attempt:
>
> SecureServiceStub stub = new
> SecureServiceStub(ctx,"http://localhost:8079/axis2/services/SecureService
> ");
> ServiceClient sc = stub._getServiceClient();
> sc.engageModule("rampart");
> sc.getOptions().setUserName("brian");
> sc.getOptions().setPassword("brianPasswords");
> --- rest of boiler plate code to set up encryption which works fine--------
>
> When i run this client i get the following exception:
> xception in thread "main" org.apache.axis2.AxisFault: UsernameToken missing
> in request
> at
>
> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512)
>
> So which api calls do i need to make to insert the token into the header?
>
> thanks again,
>
> Brian
>
> brianfm wrote:
> >
> > Hi,
> >
> > My application requires that I programmatically set a username and
> > password into the ws-security standard locations in the soap header. Note
> > that I do not want to configure Rampart athentication because
> > authentication logic will be fully proprietery in the server.
> > I intend to just retrieve the usename/password from soap header
> > programmtically from server and then authenticate.
> >
> > thanks,
> >
> > Brian
> >
>
> --
> View this message in context:
> http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21670839.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
Re: setting username/password in soap header programmatically
Posted by brianfm <bf...@gmail.com>.
Hi,
thanks for your reply.
I think I should be more specific about my question.
I have added the usernametoken to the policy in the services.xml:
<sp:SupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken/>
</wsp:Policy>
</sp:SupportingTokens>
This works fine.
My problem is how to insert the usernametoken into the soap header
programmatically in the client. Here is my current attempt:
SecureServiceStub stub = new
SecureServiceStub(ctx,"http://localhost:8079/axis2/services/SecureService");
ServiceClient sc = stub._getServiceClient();
sc.engageModule("rampart");
sc.getOptions().setUserName("brian");
sc.getOptions().setPassword("brianPasswords");
--- rest of boiler plate code to set up encryption which works fine--------
When i run this client i get the following exception:
xception in thread "main" org.apache.axis2.AxisFault: UsernameToken missing
in request
at
org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512)
So which api calls do i need to make to insert the token into the header?
thanks again,
Brian
brianfm wrote:
>
> Hi,
>
> My application requires that I programmatically set a username and
> password into the ws-security standard locations in the soap header. Note
> that I do not want to configure Rampart athentication because
> authentication logic will be fully proprietery in the server.
> I intend to just retrieve the usename/password from soap header
> programmtically from server and then authenticate.
>
> thanks,
>
> Brian
>
--
View this message in context: http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21670839.html
Sent from the Axis - User mailing list archive at Nabble.com.