Hi, to set the username and password for the username token programmatically I used the following:
sc.getOptions().setProperty(WSHandlerConstants.USER, "username"); OutflowSecurityCallbackHandler cbh = new OutflowSecurityCallbackHandler(); sc.getOptions().setProperty(WSHandlerConstants.PW_CALLBACK_REF, cbh); Or sc.getOptions().setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "classname of callback handler"); In you callback handler implementation you need to set the matching password for the username. In my axis2.xml for the client I have the OutflowSecurity parameter as follows: <parameter name="OutflowSecurity"> <action> <items>UsernameToken</items> <passwordType>PasswordText</passwordType> <!-- <passwordType>PasswordDigest</passwordType> <addUTElements>Nonce Created</addUTElements> --> </action> </parameter> That should do it. BR, Leander > -----Ursprüngliche Nachricht----- > Von: brianfm [mailto:bfmur...@gmail.com] > Gesendet: Montag, 26. Januar 2009 19:30 > An: axis-user@ws.apache.org > Betreff: Re: setting username/password in soap header programmatically > > > Hi, > > thanks for your reply. > I think I should be more specific about my question. > I have added the usernametoken to the policy in the services.xml: > > <sp:SupportingTokens > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:UsernameToken/> > </wsp:Policy> > </sp:SupportingTokens> > > This works fine. > My problem is how to insert the usernametoken into the soap header > programmatically in the client. Here is my current attempt: > > SecureServiceStub stub = new > SecureServiceStub(ctx,"http://localhost:8079/axis2/services/SecureServi > ce"); > ServiceClient sc = stub._getServiceClient(); > sc.engageModule("rampart"); > sc.getOptions().setUserName("brian"); > sc.getOptions().setPassword("brianPasswords"); > --- rest of boiler plate code to set up encryption which works fine---- > ---- > > When i run this client i get the following exception: > xception in thread "main" org.apache.axis2.AxisFault: UsernameToken > missing > in request > at > org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.jav > a:512) > > So which api calls do i need to make to insert the token into the > header? > > thanks again, > > Brian > > brianfm wrote: > > > > Hi, > > > > My application requires that I programmatically set a username and > > password into the ws-security standard locations in the soap header. > Note > > that I do not want to configure Rampart athentication because > > authentication logic will be fully proprietery in the server. > > I intend to just retrieve the usename/password from soap header > > programmtically from server and then authenticate. > > > > thanks, > > > > Brian > > > > -- > View this message in context: http://www.nabble.com/setting-username- > password-in-soap-header-programmatically-tp21641020p21670839.html > Sent from the Axis - User mailing list archive at Nabble.com. VVA Networks GmbH Mario-Leander Reimer Dipl.-Inf. (FH) Teamleitung Publishing Solutions --------------------------------------------------------------------------- VVA Networks GmbH : medien mit zukunft Geisenhausenerstraße 15-17 81379 München Deutschland --------------------------------------------------------------------------- Fon: +49 89 2000375-610 Fax: +49 89 2000375-699 Mobil: +49 173 5883541 --------------------------------------------------------------------------- leander.rei...@vva-networks.de www.vva-networks.de ----------------------------------------------------------------------- HRB 33884 Düsseldorf Geschäftsführer Rolf Christian Kassel ----------------------------------------------------------------------- Ein Unternehmen der VVA Kommunikation http://www.vva.de ----------------------------------------------------------------------- omnisuite® - integrate. automate. communicate. http://www.omnisuite.de ----------------------------------------------------------------------- Diese Nachricht (inklusive aller Anhänge) ist vertraulich. Sie darf ausschließlich durch den vorgesehenen Empfänger und Adressaten gelesen, kopiert oder genutzt werden. Sollten Sie diese Nachricht versehentlich erhalten haben, bitten wir, den Absender (durch Antwort-E-Mail) hiervon unverzüglich zu informieren und die Nachricht zu löschen. Jede unerlaubte Nutzung oder Weitergabe des Inhalts dieser Nachricht, sei es vollständig oder teilweise, ist unzulässig. This message (including any attachments) is confidential and may be privileged. It may be read, copied and used only by the intended recipient. If you have received it in error please contact the sender (by return E-Mail) immediately and delete this message. Any unauthorised use or dissemination of this message in whole or in part is strictly prohibited.