If you are able to change the WSDL contract, then you can indeed include the
username and password in the SOAP body. Just put them in a message part, like
any other parameter.
If you want to put username and password in the SOAP header, then you can use
the UsernameToken mode of WSS4J to be compatible with the WS-Security
standard; or you can invent your own header if you don't have to be standard
or interoperable. Using WSS4J is probably better.
On Fri, 26 Aug 2005, Plorks mail wrote:
> hi all
>
> i'm currntly getting username and password using basic authentication in my
> web service.
>
> we are using a product that doesn't support basic authentaication in the
> http header, so now i have to re-write my web service. Can anyone suggest
> an alternative way to do this?
>
> Can i set the username and password in the SOAP Envelope/body?
>
> Thsi is the code i'm curently using
> String headerAuth =
> (String)msgContext.getProperty(HTTPConstants.HEADER_AUTHORIZATION);
>
> if (headerAuth != null)
> {
> headerAuth = headerAuth.trim();
> }
>
> if (headerAuth != null && headerAuth.startsWith("Basic "))
> {
> int i;
>
> headerAuth = new String(Base64.decode(headerAuth.substring(6)));
>
> String [] userNamePassword = headerAuth.split(":");
>
> userName = userNamePassword[0];
> password = userNamePassword[1];
> }
>
> thanks for any help
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
Guy Rixon [EMAIL PROTECTED]
Institute of Astronomy Tel: +44-1223-337542
Madingley Road, Cambridge, UK, CB3 0HA Fax: +44-1223-337523
