That security header appears to be project-specific (not like UsernameToken profile), so CXF won't have an out-of-the-box solution. Besides an interceptor, you can also use a JAX-WS handler[1] to insert the AuthenticationHeader into the soap:header. Alternatively, if you are allowed to tweak the WSDL you use locally to generate the JAX-WS artifacts, you can add implicit header declarations to the wsdl[2] so that when you run wsdl2java those three parameters will be available to you in your soap calls.
HTH, Glen [1] http://www.jroller.com/gmazza/entry/adding_jax_ws_handlers_to [2] http://www.jroller.com/gmazza/entry/using_implicit_soap_headers_with De Bakker, Bjorn wrote: > > No, that's not it. In our message, we send a Soap Header to provide a > username and password. Problem is that I can't find how to add a header > to the message. Now I'm looking into an interceptor to make it work, but > I really don't know how to do this. > > XML: > > <soapenv:Envelope > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:soap="http://lalala"; xmlns:con="http://lalala";> > <soapenv:Header> > <soap:AuthenticationHeader> > <soap:ClientName>CLIENTNAME</soap:ClientName> > <soap:UserName>USERNAME</soap:UserName> > <soap:Password>PASSWORD</soap:Password> > </soap:AuthenticationHeader> > </soapenv:Header> > <soapenv:Body> > <con:GetContactsRequest> > <con:ContactSearchCriteria> > </con:ContactSearchCriteria> > </con:GetContactsRequest> > </soapenv:Body> > </soapenv:Envelope> > > ________________________________________ > Van: Glen Mazza [[email protected]] > Verzonden: woensdag 14 april 2010 15:43 > Aan: [email protected] > Onderwerp: Re: Authorization for web service > > I think you're mixing up transport-layer with message-layer > security--what's > in the soap header or soap body wouldn't matter for https:// because it's > all encrypted anyway. You'll probably just need simple basic > authentication for https (Step #7 of > http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic). > > As for soapUI, I believe there's a Preferences menu where you place in the > basic auth username and password for https:// for it to work, but am less > certain here. > > HTH, > Glen > > > > De Bakker, Bjorn wrote: >> >> I'm currently developing a client, which has to communicate with a >> webservice. This webservice is accessible through https, so we have to >> provide authentication. >> > > -- > View this message in context: > http://old.nabble.com/Authorization-for-web-service-tp28241860p28242794.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- View this message in context: http://old.nabble.com/Authorization-for-web-service-tp28241860p28247307.html Sent from the cxf-user mailing list archive at Nabble.com.
