I actually ended up writing a custom header with axiom to insert the
security header I needed into the SOAP xml message.
Here is the snippet of code I'm using to do this, in case it helps anyone else.
(FYI: I used the xmlbeans binding, and so I put this method into the
generated stub class, and called it within each generated method that
made a different request)
private void addCustomSecurityHeader() {
OMFactory fac = OMAbstractFactory.getOMFactory();
OMNamespace omNs =
fac.createOMNamespace("http://schemas.xmlsoap.org/ws/2003/06/secext";,
"wsse");
SOAP11Factory soap11Factory = new SOAP11Factory();
SOAPHeaderBlock soapHeaderBlock = new
SOAP11HeaderBlockImpl("Security",omNs,soap11Factory);
soapHeaderBlock.setMustUnderstand(true);
OMElement usernameTokenElement = fac.createOMElement("UsernameToken", omNs);
OMElement usernameElement = fac.createOMElement("Username", omNs);
OMText omTextUsername = fac.createOMText(usernameElement, getUserName());
usernameElement.addChild(omTextUsername);
OMElement passwordElement = fac.createOMElement("Password", omNs);
OMText omTextPassword = fac.createOMText(passwordElement, getPassword());
passwordElement.addChild(omTextPassword);
usernameTokenElement.addChild(usernameElement);
usernameTokenElement.addChild(passwordElement);
soapHeaderBlock.addChild(usernameTokenElement);
_serviceClient.addHeader(soapHeaderBlock);
}
On 1/9/07, Erwin Driessen <[EMAIL PROTECTED]> wrote:
Ruchith,
Thanks for replying. I do see that WSS4J in version 1.1.0 did allow
one to use an older namespace. Is there a good reason why this
functionality was taken out?.
The way I see it now, is that I'll be forced to use older versions of
wss4j and older versions axis if I want to build a client to use this
older webservice.
I'd love to be able to use the latest versions of each, but direct
them to create a "backwards compatible" SOAP security header in order
to use this web serivce that dictates I use this older namespace etc.
Perhaps there is a way to over-ride a method or 2 in order to still
accomplish this?
I downloaded the source for wss4j-1.5.1 and see that there is a
UsernameToken.java which builds the element...
Any suggestions?
Thanks, any help is much appreciated...
Erwin
On 1/8/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> Hi Erwin,
>
> I'm sorry we don't have a way to force older namespaces in Rampart :-(
> I think we had some capability in WSS4J to do this and IIRC we removed
> it. I hope Werner or Dims will correct me if I'm mistaken.
>
> Thanks,
> Ruchith
>
> On 1/9/07, Erwin Driessen <[EMAIL PROTECTED]> wrote:
> > Hello,
> >
> > I could use some help in creating the correct Soap security header for
> > the web service I need to connect to.
> > I'm not very familiar with Axis2 & Rampart yet, but still learning.
> >
> > I'm needing to create a client that will produce a header that looks like
this:
> >
> > <soapenv:Header>
> > <wsse:Security
> > xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext";
> > soapenv:mustUnderstand="1">
> > <wsse:UsernameToken>
> > <wsse:Username>*****UsernameHere*****</wsse:Username>
> > <wsse:Password>*****PasswordHere*****</wsse:Password>
> > </wsse:UsernameToken>
> > </wsse:Security>
> > </soapenv:Header>
> >
> > As I played with the examples in Rampart 1.1 and using SoapMonitor, I
> > noticed that they produce a header with this UsernameToken namespace
> > instead:
> >
> >
xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >
> > 1) Is there way to "force / configure" Axis2 & Rampart to use this
> > older namespace instead?
> > 2) If not, what products should I be using instead (ie: older axis? I hope
not)
> > 3) Any examples would be greatly appriciated...
> >
> > (yes, the the web service docs say that I will need to "force" the
> > namespace to the 2003/06 version)
> >
> > Thanks,
> > Erwin
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
> --
> www.ruchith.org
> www.wso2.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
