Adding username and password to soap header in Java by using PasswordText Type and axis2

心已入冬 提交于 2019-12-25 07:29:57

问题


I want to add username and password to soap header in java by using PasswordText Type and axis2.

Code snippet I use

public static void WSSPasswordAuthentication(org.apache.axis2.client.ServiceClient client, String endPointUrl, String username, String password) throws CSException{

    OMFactory omFactory = OMAbstractFactory.getOMFactory();
    OMElement omSecurityElement = omFactory.createOMElement(new QName( "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse"), null);


    OMElement omusertoken = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken","wsse"), null);

    OMElement omuserName = omFactory.createOMElement(new QName("", "Username", "wsse"), null);
    omuserName.setText(username);

    OMElement omPassword = omFactory.createOMElement(new QName("", "Password", "wsse"), null);
    omPassword.addAttribute("Type","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText",null );
    omPassword.setText(password);

    omusertoken.addChild(omuserName);
    omusertoken.addChild(omPassword);
    omSecurityElement.addChild(omusertoken);

    client.addHeader(omSecurityElement);

}

And resultant header : <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Username>erapor</Username><Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">erapor</Password></wsu:UsernameToken></wsse:Security>

But

The header I want : <soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>erapor</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">erapor</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header>

Otherwise I couldn't use the header

How can I modify?


回答1:


You can use plain JAXWS if you have an option to resolve this instead of using AXIS2 on the client side. This is generic and easy to add these kind of security headers.

In your JDK 6.0 HOME (This example works only from JDK 6.0 and above)

jdk1.6.0_26\bin\wsimport is an utility available

You can create the stub using the wsimport utility

wsimport -keep -verbose http://localhost:8080/<WebserviceName>/services/<WebserviceName>?wsdl

Create a message handler MessageHandler.java

package com.secure.client;

import java.util.Set;

import javax.xml.namespace.QName;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPHeader;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;

public class MessageHandler implements SOAPHandler<SOAPMessageContext>{

    @Override
    public void close(MessageContext arg0) {
        // TODO Auto-generated method stub

    }


    @Override
    public Set getHeaders() {
        // TODO Auto-generated method stub
        return null;
    }

    @Override
    public boolean handleFault(SOAPMessageContext context) {
        // TODO Auto-generated method stub
        return false;
    }

    @Override
    public boolean handleMessage(SOAPMessageContext soapMessageContext) {
        try {

              boolean outMessageIndicator = (Boolean) soapMessageContext
                                            .get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
              if (outMessageIndicator) {

                  SOAPEnvelope envelope = soapMessageContext.getMessage().getSOAPPart().getEnvelope();

                  SOAPHeader header = envelope.addHeader();

                  SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");

                  SOAPElement usernameToken = security.addChildElement("UsernameToken", "wsse");
                  usernameToken.addAttribute(new QName("xmlns:wsu"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");

                  SOAPElement username = usernameToken.addChildElement("Username", "wsse");
                  username.addTextNode("wsuser");

                  SOAPElement password = usernameToken.addChildElement("Password", "wsse");
                  password.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
                  password.addTextNode("wspwd");

             }

       } catch (Exception ex) {
         throw new WebServiceException(ex);
       }
       return true;
    }



}

Create HeaderHandlerResolver.java

package com.secure.client;

import java.util.ArrayList;
import java.util.List;
import javax.xml.ws.handler.Handler;
import javax.xml.ws.handler.HandlerResolver;
import javax.xml.ws.handler.PortInfo;

public class HeaderHandlerResolver implements HandlerResolver {

@SuppressWarnings("unchecked")
public List<Handler> getHandlerChain(PortInfo portInfo) {
      List<Handler> handlerChain = new ArrayList<Handler>();
      MessageHandler hh = new MessageHandler();
      handlerChain.add(hh);
      return handlerChain;
   }
}

You can create the client code using stub

Client.java

import javax.xml.ws.BindingProvider;

import com.secure.HelloService;
import com.secure.HelloServiceException;
import com.secure.HelloServicePortType;

public class Client {

    public static void main(String[] args) {

        HelloService service = new HelloService();

        service.setHandlerResolver(new HeaderHandlerResolver());

        HelloServicePortType port = service.getHelloServiceHttpSoap11Endpoint();

        // Use the BindingProvider's context to set the endpoint
        BindingProvider bp = (BindingProvider)port;
        bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://localhost:8080/<WebserviceName>/services/<WebserviceName>");



        System.out.println(port.getVersion());

        try {

            System.out.println(port.getHello("Zack"));

        } catch (HelloServiceException e) {
            e.printStackTrace();
        }

    }

}


来源:https://stackoverflow.com/questions/23536273/adding-username-and-password-to-soap-header-in-java-by-using-passwordtext-type-a

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!