Re: setting username/password in soap header programmatically

Tue, 27 Jan 2009 10:27:02 -0800 

Hey,

I think i can do this using the code below. which will go into an outflow
handler.
Question now, is how to programmatically add an outflow handler:

mport org.apache.axis.AxisFault;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.axis.message.SOAPHeaderElement;
import org.apache.axis.session.Session;
import  org.apache.axis.transport.http.HTTPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecUsernameToken;
import org.w3c.dom.Document;

public class RequestHandler extends BasicHandler {

    public void invoke(MessageContext messageContext) throws AxisFault {
        MessageContext currContext = messageContext.getCurrentContext();
        Message message = currContext .getRequestMessage();
        SOAPEnvelope envelope = message.getSOAPEnvelope();
       
        try {
            Document doc = envelope.getAsDocument();
            WSSecHeader secHeader = new  WSSecHeader("",false);
            secHeader.insertSecurityHeader(doc);

            String username = "user1";
            String password = "password";
           
            WSSecUsernameToken builder = new WSSecUsernameToken();
            builder.setPasswordType(WSConstants.PASSWORD_TEXT);
            builder.setUserInfo(username, password);
            builder.prepare(doc);
            builder.appendToHeader(secHeader);
             
            envelope.addHeader(new
SOAPHeaderElement(secHeader.getSecurityHeader()));            
           
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }        
    }
} 

brianfm wrote:
> 
> Hi,
> 
> My application requires that I programmatically set a username and
> password into the ws-security standard locations in the soap header. Note
> that I do not want to configure Rampart athentication because
> authentication logic will be fully proprietery in the server.
> I intend to just retrieve the usename/password from soap header
> programmtically from server and then authenticate. 
> 
> thanks,
> 
> Brian
> 

-- 
View this message in context: 
http://www.nabble.com/setting-username-password-in-soap-header-programmatically-tp21641020p21691330.html
Sent from the Axis - User mailing list archive at Nabble.com.

Reply via email to