WS Security - Username token Profile

孤街浪徒 2021-01-24 03:14

I have a WSDL file and I am writing a client for it in WAS 8.0.

I keep the username/password required for the SOAP request in ApplicationResources.properties.

I am

1条回答
  •  后悔当初
    2021-01-24 04:07

    The SOAP request must contain the appropriate header elements for the WSS UsernameToken profile. You can either create the elements manually, using a SOAP handler or SAAJ if you're using Java, or, in WebSphere, use the feature called "policy sets" to add this support through configuration of policy sets and bindings instead of code.

    Here is a good article describing how this is done using the configuration approach: http://www.ibm.com/developerworks/websphere/library/techarticles/1103_balakrishnan/1103_balakrishnan.html

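    Here is an example that adds these headers programmatically using SAAJ. It uses the PasswordText type, so the password travels in clear text inside the SOAP header; the endpoint should only be called over HTTPS: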

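    /**
     * JAX-WS SOAP handler that adds a WS-Security {@code UsernameToken} header
     * (username plus clear-text password) to outbound SOAP messages.
     *
     * <p>Security note: the password is written with the {@code #PasswordText}
     * type, i.e. it appears verbatim in the SOAP header. Confidentiality then
     * depends entirely on the transport, so this handler should only be used on
     * TLS-protected (HTTPS) endpoints. The password is never logged here; keep it
     * that way, and remember that SOAP message tracing enabled elsewhere will
     * capture it.
     */
    public class WssHandler implements SOAPHandler<SOAPMessageContext> {
    
        private static final Logger cTRACE = Logger.getLogger(WssHandler.class.getName());
    
        // SOAP / WS-Security names
        private static final String cWSSE = "wsse";
        private static final String cURL = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
        private static final String cWSU = "wsu";
        private static final String cWSU_URL = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
        private static final String cPASSWORD_TEXT = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";
        private static final String cNODE_SECURITY = "Security";
        private static final String cNODE_USRTOKEN = "UsernameToken";
        private static final String cNODE_USERNAME = "Username";
        private static final String cNODE_PASSWORD = "Password";
    
        // Credentials are fixed for the lifetime of the handler.
        private final String iUsername;
        private final String iPassword;
    
        /**
         * Constructor for SOAP handler with specific wss credentials.
         *
         * @param username wss username, must not be {@code null}
         * @param passwd wss password, must not be {@code null}
         * @throws IllegalArgumentException if either credential is {@code null}
         */
        public WssHandler(String username, String passwd) {
            super();
            // Fail at construction time instead of in the middle of a SOAP call.
            if (username == null || passwd == null) {
                throw new IllegalArgumentException("WSS username and password must not be null");
            }
            iUsername = username;
            iPassword = passwd;
        }
    
        /**
         * Adds the {@code wsse:Security/wsse:UsernameToken} header to an outbound
         * message. Inbound messages are passed through unchanged.
         *
         * @param context the SOAP message context of the current exchange
         * @return {@code true} to continue processing; {@code false} if the
         *         header could not be built
         */
        @Override
        public boolean handleMessage(SOAPMessageContext context) {
            // The handler is invoked in both directions; credentials belong only
            // on the outgoing request, never on a message we are receiving.
            Boolean tOutbound = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
            if (!Boolean.TRUE.equals(tOutbound)) {
                return true;
            }
    
            if (cTRACE.isLoggable(Level.FINEST)) {
                // Only the username is traced; the password must never be logged.
                cTRACE.logp(Level.FINEST,
                        WssHandler.class.getName(),
                        "handleMessage", "add WSS credentials for user "+iUsername);
            }
    
            try {
                SOAPMessage tMessage = context.getMessage();
                SOAPEnvelope tSoapEnvelope = tMessage.getSOAPPart().getEnvelope();
    
                // header
                SOAPHeader tHeader = tSoapEnvelope.getHeader();
                if (tHeader == null) {
                    // no header yet, create one
                    tHeader = tSoapEnvelope.addHeader();
                }
    
                // security node; mustUnderstand makes the receiver either process
                // the security header or reject the message
                Name tWsseHeaderName = tSoapEnvelope.createName(cNODE_SECURITY, cWSSE, cURL);
                SOAPHeaderElement tSecurityElement = tHeader.addHeaderElement(tWsseHeaderName);
                tSecurityElement.setMustUnderstand(true);
    
                Name tUserTokenElementName = tSoapEnvelope.createName(cNODE_USRTOKEN, cWSSE, cURL);
                SOAPElement tUserTokenElement = tSecurityElement.addChildElement(tUserTokenElementName);
                // the wsse prefix is already declared on the Security element
                tUserTokenElement.removeNamespaceDeclaration(cWSSE);
                tUserTokenElement.addNamespaceDeclaration(cWSU, cWSU_URL);
    
                // user name child
                Name tUsernameElementName = tSoapEnvelope.createName(cNODE_USERNAME, cWSSE, cURL);
                SOAPElement tUsernameElement = tUserTokenElement.addChildElement(tUsernameElementName);
                tUsernameElement.removeNamespaceDeclaration(cWSSE);
                tUsernameElement.addTextNode(iUsername);
    
                // password child, sent as clear text (#PasswordText): the
                // transport (HTTPS) is the only thing protecting it
                Name tPasswordElementName = tSoapEnvelope.createName(cNODE_PASSWORD, cWSSE, cURL);
                SOAPElement tPasswordElement = tUserTokenElement.addChildElement(tPasswordElementName);
                tPasswordElement.removeNamespaceDeclaration(cWSSE);
                tPasswordElement.addTextNode(iPassword);
                tPasswordElement.setAttribute("Type", cPASSWORD_TEXT);
            } catch (SOAPException e) {
                if (cTRACE.isLoggable(Level.SEVERE)) {
                    cTRACE.logp(Level.SEVERE,
                            WssHandler.class.getName(),
                            "handleMessage", "Unable to add WSS credentials", e);
                }
                // stop processing
                return false;
            }
    
            // continue processing
            return true;
        }
    
        /**
         * Fault messages are not modified.
         *
         * @param context the SOAP message context of the current exchange
         * @return always {@code true}, so fault processing continues
         */
        @Override
        public boolean handleFault(SOAPMessageContext context) {
            return true;
        }
    
        /**
         * No per-exchange resources are held, so there is nothing to release.
         *
         * @param context the message context of the finished exchange
         */
        @Override
        public void close(MessageContext context) {
            // nothing to do
        }
    
        /**
         * This handler only adds a header to outbound messages and does not claim
         * to process any header block itself.
         *
         * @return an empty set
         */
        @Override
        public Set<javax.xml.namespace.QName> getHeaders() {
            return java.util.Collections.emptySet();
        }
    
    }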
    
