Hi,
to set the username and password for the username token programmatically I used
the following:
sc.getOptions().setProperty(WSHandlerConstants.USER, "username");
OutflowSecurityCallbackHandler cbh = new OutflowSecurityCallbackHandler();
sc.getOptions().setProperty(WSHandlerConstants.PW_CALLBACK_REF, cbh);
Or
sc.getOptions().setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "classname of
callback handler");
In you callback handler implementation you need to set the matching password
for the username.
In my axis2.xml for the client I have the OutflowSecurity parameter as follows:
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
<!--
<passwordType>PasswordDigest</passwordType>
<addUTElements>Nonce Created</addUTElements>
-->
</action>
</parameter>
That should do it.
BR,
Leander
> -----Ursprüngliche Nachricht-----
> Von: brianfm [mailto:bfmur...@gmail.com]
> Gesendet: Montag, 26. Januar 2009 19:30
> An: axis-user@ws.apache.org
> Betreff: Re: setting username/password in soap header programmatically
>
>
> Hi,
>
> thanks for your reply.
> I think I should be more specific about my question.
> I have added the usernametoken to the policy in the services.xml:
>
> <sp:SupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:UsernameToken/>
> </wsp:Policy>
> </sp:SupportingTokens>
>
> This works fine.
> My problem is how to insert the usernametoken into the soap header
> programmatically in the client. Here is my current attempt:
>
> SecureServiceStub stub = new
> SecureServiceStub(ctx,"http://localhost:8079/axis2/services/SecureServi
> ce");
> ServiceClient sc = stub._getServiceClient();
> sc.engageModule("rampart");
> sc.getOptions().setUserName("brian");
> sc.getOptions().setPassword("brianPasswords");
> --- rest of boiler plate code to set up encryption which works fine----
> ----
>
> When i run this client i get the following exception:
> xception in thread "main" org.apache.axis2.AxisFault: UsernameToken
> missing
> in request
> at
> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.jav
> a:512)
>
> So which api calls do i need to make to insert the token into the
> header?
>
> thanks again,
>
> Brian
>
> brianfm wrote:
> >
> > Hi,
> >
> > My application requires that I programmatically set a username and
> > password into the ws-security standard locations in the soap header.
> Note
> > that I do not want to configure Rampart athentication because
> > authentication logic will be fully proprietery in the server.
> > I intend to just retrieve the usename/password from soap header
> > programmtically from server and then authenticate.
> >
> > thanks,
> >
> > Brian
> >
>
> --
> View this message in context: http://www.nabble.com/setting-username-
> password-in-soap-header-programmatically-tp21641020p21670839.html
> Sent from the Axis - User mailing list archive at Nabble.com.
VVA Networks GmbH
Mario-Leander Reimer
Dipl.-Inf. (FH)
Teamleitung Publishing Solutions
---------------------------------------------------------------------------
VVA Networks GmbH
: medien mit zukunft
Geisenhausenerstraße 15-17
81379 München
Deutschland
---------------------------------------------------------------------------
Fon: +49 89 2000375-610
Fax: +49 89 2000375-699
Mobil: +49 173 5883541
---------------------------------------------------------------------------
leander.rei...@vva-networks.de
www.vva-networks.de
-----------------------------------------------------------------------
HRB 33884 Düsseldorf
Geschäftsführer Rolf Christian Kassel
-----------------------------------------------------------------------
Ein Unternehmen der VVA Kommunikation
http://www.vva.de
-----------------------------------------------------------------------
omnisuite® - integrate. automate. communicate.
http://www.omnisuite.de
-----------------------------------------------------------------------
Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf
ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen,
kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich
erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon
unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte
Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig
oder teilweise, ist unzulässig.
This message (including any attachments) is confidential and may be
privileged. It may be read, copied and used only by the intended recipient.
If you have received it in error please contact the sender (by return
E-Mail) immediately and delete this message. Any unauthorised use or
dissemination of this message in whole or in part is strictly prohibited.
