On 2010-1-20, at 上午9:46, Philip wrote:
Hi everybody,
thanks again for your help.
On Thu, Jan 14, 2010 at 3:07 AM, Freeman Fang
<[email protected]>wrote:
2. We also added a SoapHeaderOutFilterInterceptor to clean the
Header. The
reason for that is that the Provider shouldn't receive the secure
header.
Is
it possible to add a new header with different username/password?
Perhaps
with the WSS4JOutInterceptor?
Yeah, you can configure WSS4JOutInterceptor for cxf bc provider
endpoint
which can add different username token ws-security header to the
outgoing
soap message.
Freeman
we succesfully added the wss4joutinterceptor. now we just have one
more
problem:
the wss4joutinterceptor sets the attribute: soap:mustUnderstand="1"
we have a WS-provider which doesn't understand soap, so we get a fault
message. do you know if it's possible to change the attribute to:
soap:mustUnderstand="0"?
Hi,
I'm a little bit confused with your question, your external webservice
need ws-security to do the auth, so you add WSS4JOutInterceptor, which
add soap:mustUnderstand="1" for security headers. If your external
webservice can't understand soap security headers, it can't auth with
ws-security, why you need add WSS4JOutInterceptor for your cxf bc
provider?
I might be wrong for your scenario.
Anyway as always you can write your interceptor to hack on-wire
outgoing soap message and change the mustUnderstand flag.
Freeaman
If not, do you know what we have to add to our WS to understand the
SOAP
message?
Best regards,
Nicolas and Philip
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
