Am I right in concluding that an application that uses (without modification) client stubs (AKA proxies) generated by wsdl2java cannot get a SOAP security header into its request messages?
To be concrete, suppose I want my application to send request messages that start as follows: <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"; xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/";> <soapenv:Header> <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext";> <wsse:UsernameToken Id="Id_1026310236359"> <wsse:Username>foo</wsse:Username> <wsse:Password>bar</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soapenv:Header> <soapenv:Body>... `wsdl2java` creates stubs that extend org.apache.axis.client.Stub, which does not offer any way to add SOAP headers; it neither offers this directly, nor exposes a Call object (in fact, it creates a new Call object inside each method that does an RPC). Thanks, Mike
