RE: Problem with managing username token programatically.

[Pramod Pawar]

Thanks Werner, its working without referring to client-config.wsdd.   Thanks, Pramod From: Dittmann, Werner [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 11, 2006 2:29 AM To: Pramod Pawar; wss4j-dev@ws.apache.org Subject: AW: Problem with managing username token programatically.   Pramod,   if you just include username and other properties into the stub (as you did it) is not enough to instruct Axis to actually use the Security handler. To instruct Axis to use handlers you must set up a handler chain and configure Axis accordingly. This can be done either using client-config.wsdd or programatically.   Doint programatically requires you to define the handler chain. The following example was taken from an email discussion some time ago (december, 6th). You may take it as a starting point and adjust it to your needs.   Regards, Werner   Example: public class JobStatus { public static void main(String[] args) { try { JCTSessionServiceLocator service = new JCTSessionServiceLocator(); EngineConfiguration clientConfig=createClientConfig(); service.setEngineConfiguration(clientConfig); service.setEngine(new AxisClient(clientConfig)); JCTSession jct = service.getJCTSession(); Job[] jobs = jct.getJobStatus("rudi", null, null, null); } catch(Exception e) { e.printStackTrace(); } } private static EngineConfiguration createClientConfig() { try { SimpleProvider clientConfig=new SimpleProvider(); Handler securityHandler= (Handler)new WSDoAllSender(); securityHandler.setOption(WSHandlerConstants.ACTION, "UsernameToken"); //securityHandler.setOption(WSHandlerConstants.SIG_PROP_FILE,this.WSS_SIG_PROPERTIES); securityHandler.setOption(WSHandlerConstants.USER, "user"); securityHandler.setOption(WSHandlerConstants.PW_CALLBACK_REF, new PWCallback()); SimpleChain reqHandler=new SimpleChain(); SimpleChain respHandler=new SimpleChain(); // add the handler to the request reqHandler.addHandler(securityHandler); Handler pivot=(Handler)new HTTPSender(); Handler transport=new SimpleTargetedChain(reqHandler, pivot, null); clientConfig.deployTransport(HTTPTransport.DEFAULT_TRANSPORT_NAME,transport); return clientConfig; } catch(Exception e) { e.printStackTrace(); return null; } } }   public class PWCallback implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; // set the password given a username if("rudi".equals(pc.getIdentifer())) { pc.setPassword("dsgxdgsfsdgfsdgs"); } } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); } } } }   Von: Pramod Pawar [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 11. Januar 2006 10:00 An: Dittmann, Werner; wss4j-dev@ws.apache.org Betreff: RE: Problem with managing username token programatically. Hi Werner,   Thanks for your reply.   As per my current requirement of using Axis Web Service security, I don’t need to refer any external entity i.e.wsdd. I need to manage the entire WS Security by programmatically. Currently, I am not referring to client-config.wsdd, I am just trying to incorporate the username token and PWCallback handler using the code snippet that I have mentioned in my earlier mail. Please suggest me the way I am trying to do is correct or not? If not, what is the reason that we need to refer client-confg.wsdd even if we incorporate username and password using API provided by WSS4J for integrating username and token?   Please advice.   Thanks, Pramod From: Dittmann, Werner [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 10, 2006 11:20 PM To: Pramod Pawar; wss4j-dev@ws.apache.org Subject: AW: Problem with managing username token programatically.   Pramod,   can you show the client's Axis WSDD file where you define the request handler for the service? Very often we see that a small typo in the WSDD causes a problem that the handler is not called.   Regards, Werner     Von: Pramod Pawar [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 10. Januar 2006 20:26 An: wss4j-dev@ws.apache.org Betreff: Problem with managing username token programatically. Hi,   I am facing some problem with the web service sample provided with the WSS4J using Username Token. I have correctly deployed the web service on Tomcat server. My service is running properly and I am able to access it using Client, here in this case I am referring to client-config.wsdd in which I have configured the Username token.   I am facing problem while managing Username token programmatically at client side. Please find the code snippet of client program as mentioned below,           PWCallback pwCallback = new PWCallback();         HelloWorldServiceLocator locator = new HelloWorldServiceLocator();         Remote remote = locator.getPort(HelloWorld.class);         Stub axisPort = (Stub) remote;         axisPort._setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);         axisPort._setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PASSWORD_DIGEST);         axisPort._setProperty(WSHandlerConstants.USER, "wss4j");          axisPort._setProperty(WSHandlerConstants.PW_CALLBACK_REF, pwCallback);              HelloworldSoapBindingStub service = (HelloworldSoapBindingStub)axisPort;            String mess = service.sayHello(args[0]);         System.out.println("hello world service returned : " + mess );    I am getting error message as mentioned below,   Exception in thread "main" AxisFault             faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException             faultSubcode:             faultString: WSDoAllReceiver: Request does not contain required Security header    faultActor:  faultNode:  faultDetail:   It seems that web service is not able to get the Username token from Soap request. I used soap tracing utility to trace the soap request which is going to web service in which I observed that web service contains the plain soap message, it doesn’t include the username token to it.   Please help me.   Thanks – Pramod