If you are able to change the WSDL contract, then you can indeed include the username and password in the SOAP body. Just put them in a message part, like any other parameter.
If you want to put username and password in the SOAP header, then you can use the UsernameToken mode of WSS4J to be compatible with the WS-Security standard; or you can invent your own header if you don't have to be standard or interoperable. Using WSS4J is probably better. On Fri, 26 Aug 2005, Plorks mail wrote: > hi all > > i'm currntly getting username and password using basic authentication in my > web service. > > we are using a product that doesn't support basic authentaication in the > http header, so now i have to re-write my web service. Can anyone suggest > an alternative way to do this? > > Can i set the username and password in the SOAP Envelope/body? > > Thsi is the code i'm curently using > String headerAuth = > (String)msgContext.getProperty(HTTPConstants.HEADER_AUTHORIZATION); > > if (headerAuth != null) > { > headerAuth = headerAuth.trim(); > } > > if (headerAuth != null && headerAuth.startsWith("Basic ")) > { > int i; > > headerAuth = new String(Base64.decode(headerAuth.substring(6))); > > String [] userNamePassword = headerAuth.split(":"); > > userName = userNamePassword[0]; > password = userNamePassword[1]; > } > > thanks for any help > > _________________________________________________________________ > Express yourself instantly with MSN Messenger! Download today - it's FREE! > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ > Guy Rixon [EMAIL PROTECTED] Institute of Astronomy Tel: +44-1223-337542 Madingley Road, Cambridge, UK, CB3 0HA Fax: +44-1223-337523