Thursday, March 31, 2011

Adding security information in the SOAP Header

I was supposed to add the following security information in the SOAP request.

<soapenv:Header>
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>aro_ext
<wsse:Password>5b5mCfNfJn
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>





Adding the above security information in the SOAP Header from the Stub,

SOAPHeaderElement wsseSecurity = new SOAPHeaderElement(new PrefixedQName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security","wsse"));
MessageElement usernameToken = new MessageElement(new PrefixedQName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken","wsse"));
MessageElement username = new MessageElement(new PrefixedQName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Username","wsse"));
MessageElement password = new MessageElement(new PrefixedQName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Password","wsse"));

username.setObjectValue("coolbaski");
usernameToken.addChild(username);
password.setObjectValue("baskirocks");
usernameToken.addChild(password);
wsseSecurity.addChild(usernameToken);
stub.setHeader(wsseSecurity);

NameSpace can be had from envelop tag,
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"

We may have setUsername & setPassword methods in the generated stub class.

stub.setUsername("coolbaski");
stub.setPassword("baskirocks");

Setting the above will set the values in HTTP header and not in the SOAP Header.
There is one more way to set in the HTTP header.

s._setProperty( javax.xml.rpc.Call.USERNAME_PROPERTY, "coolbaski" );
s._setProperty( javax.xml.rpc.Call.PASSWORD_PROPERTY, "baskirocks" );
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)