Re: Order of SOAPHeader and SOAPBody
But if I configure the client_deploy.wsdd and use it like this: EngineConfiguration config = new FileProvider("client_deploy.wsdd");StockQuoteServiceService locator = new StockQuoteServiceServiceLocator(config); It works! Programmatically it does NOT work... very strange! My Web Service client runs in Oracle (PL/SQL) or other technology other than Java, so encoding the password will a problem for them, right? What should I do (adopt) to easy my client´s usage? ps: using Axis 1.3. Thanks Daniel On 4/7/06, Daniel Destro <[EMAIL PROTECTED]> wrote: Thanks again, Xinjun. Very valuable hint. I used the WSS4J tutorial ( http://ws.apache.org/wss4j/axis.html ) and example page ( http://ws.apache.org/wss4j/package.html ), but I could not get the client working. After I configured the WSDoAllReceiver, it requires the credentials. OK! But I changed my client to add the UsernameToken, but it does not add it to the SOAP request. My code is like this: MyServiceLocator serv = new MyServiceLocator(); MyService port = serv.getMyService(); Stub stub = (Stub) port; stub._setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PASSWORD_TEXT); stub._setProperty(WSHandlerConstants.USER, "werner"); stub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, new PWCallback()); port.myMethod( someParam ); The SOAP is still the same, with no UsernameToken. What I am doing worng?? Thanks On 4/6/06, Xinjun Chen < [EMAIL PROTECTED]> wrote: Hi Daniel, To be specific, I tried wss4j using the Axis 1.3 library. Thefollowing article may be useful to you. http://www.devx.com/Java/Article/28816/0/page/1The author uses Axis 1.x library.Regards,Xinjun
Re: Order of SOAPHeader and SOAPBody
Thanks again, Xinjun. Very valuable hint. I used the WSS4J tutorial ( http://ws.apache.org/wss4j/axis.html ) and example page ( http://ws.apache.org/wss4j/package.html ), but I could not get the client working. After I configured the WSDoAllReceiver, it requires the credentials. OK! But I changed my client to add the UsernameToken, but it does not add it to the SOAP request. My code is like this: MyServiceLocator serv = new MyServiceLocator(); MyService port = serv.getMyService(); Stub stub = (Stub) port; stub._setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PASSWORD_TEXT); stub._setProperty(WSHandlerConstants.USER, "werner"); stub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, new PWCallback()); port.myMethod( someParam ); The SOAP is still the same, with no UsernameToken. What I am doing worng?? Thanks On 4/6/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: Hi Daniel,To be specific, I tried wss4j using the Axis 1.3 library. Thefollowing article may be useful to you. http://www.devx.com/Java/Article/28816/0/page/1The author uses Axis 1.x library.Regards,Xinjun
Re: Order of SOAPHeader and SOAPBody
Hi Daniel, To be specific, I tried wss4j using the Axis 1.3 library. The following article may be useful to you. http://www.devx.com/Java/Article/28816/0/page/1 The author uses Axis 1.x library. Regards, Xinjun On 4/7/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > Hi Daniel, > > Yes, you can use wss4j with Axis 1.3. I tried that before. > > Regards, > Xinjun > > On 4/7/06, Daniel Destro <[EMAIL PROTECTED]> wrote: > > Hi Xinjun, > > Thanks. > > > > I've just realized that u're using Axis2. I am using Axis 1.3 yet. > > Can I use wss4j with Axis 1.3? > > > > Where are u from? > > > > Thanks again > > Daniel - Brasil > > > > > > On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > > > Hi Daniel, > > > > > > I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope. > > > Some sample codes: > > > > > > Document domDoc = > > Axis2Util.getDocumentFromSOAPEnvelope(envelope); > > > // Add the UserNameToken. > > > WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); > > > if (token.isDigested()) { > > > builder.setPasswordType(WSConstants.PASSWORD_DIGEST); > > > } else { > > > builder.setPasswordType(WSConstants.PASSWORD_TEXT); > > > } > > > > > > builder.build(domDoc, token.getUsername (), token.getPassword()); > > > Element header = (Element) > > > (domDoc.getElementsByTagName("SOAP-ENV:Header").item(0)); > > > > > > //SOAPHeader header = Axis2Util.getSOAPFactory(envelope); > > > //SOAPFactory factory = Axis2Util.getSOAPFactory (envelope); > > > > > > OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); > > > envelope.getBody().insertSiblingBefore(headerElm); > > > > > > > > > These are only some experimental codes. > > > I assume the SOAPEnvelope has been constructed. What these code > > > snippet is more of a handler. There may be other ways to do it. As > > > Ruchith said, you can also take advantage of Axis2 security module. > > > > > > Regards, > > > Xinjun > > > > > > > > > On 4/6/06, Daniel Destro < [EMAIL PROTECTED]> wrote: > > > > Hi Xinjun, > > > > > > > > As I can see you are trying to add some Security to your Web Services, > > > > right? > > > > > > > > Are you doing a User Authentication / Authorization using this > > > > UsernameToken? > > > > > > > > I need to do that! > > > > > > > > How do add UsernameToken into to the SOAP request and how do u read / > > > > validate UsernameToken from the SOAP request (server-side) ??? > > > > > > > > Thanks > > > > Daniel > > > > > > > > > > > >
Re: Order of SOAPHeader and SOAPBody
Hi Daniel, Yes, you can use wss4j with Axis 1.3. I tried that before. Regards, Xinjun On 4/7/06, Daniel Destro <[EMAIL PROTECTED]> wrote: > Hi Xinjun, > Thanks. > > I've just realized that u're using Axis2. I am using Axis 1.3 yet. > Can I use wss4j with Axis 1.3? > > Where are u from? > > Thanks again > Daniel - Brasil > > > On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > > Hi Daniel, > > > > I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope. > > Some sample codes: > > > > Document domDoc = > Axis2Util.getDocumentFromSOAPEnvelope(envelope); > > // Add the UserNameToken. > > WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); > > if (token.isDigested()) { > > builder.setPasswordType(WSConstants.PASSWORD_DIGEST); > > } else { > > builder.setPasswordType(WSConstants.PASSWORD_TEXT); > > } > > > > builder.build(domDoc, token.getUsername (), token.getPassword()); > > Element header = (Element) > > (domDoc.getElementsByTagName("SOAP-ENV:Header").item(0)); > > > > //SOAPHeader header = Axis2Util.getSOAPFactory(envelope); > > //SOAPFactory factory = Axis2Util.getSOAPFactory (envelope); > > > > OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); > > envelope.getBody().insertSiblingBefore(headerElm); > > > > > > These are only some experimental codes. > > I assume the SOAPEnvelope has been constructed. What these code > > snippet is more of a handler. There may be other ways to do it. As > > Ruchith said, you can also take advantage of Axis2 security module. > > > > Regards, > > Xinjun > > > > > > On 4/6/06, Daniel Destro < [EMAIL PROTECTED]> wrote: > > > Hi Xinjun, > > > > > > As I can see you are trying to add some Security to your Web Services, > > > right? > > > > > > Are you doing a User Authentication / Authorization using this > > > UsernameToken? > > > > > > I need to do that! > > > > > > How do add UsernameToken into to the SOAP request and how do u read / > > > validate UsernameToken from the SOAP request (server-side) ??? > > > > > > Thanks > > > Daniel > > > > > > >
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun,Thanks.I've just realized that u're using Axis2. I am using Axis 1.3 yet.Can I use wss4j with Axis 1.3?Where are u from?Thanks againDaniel - Brasil On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: Hi Daniel,I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope.Some sample codes:Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope);// Add the UserNameToken.WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); if (token.isDigested()) {builder.setPasswordType(WSConstants.PASSWORD_DIGEST);} else {builder.setPasswordType(WSConstants.PASSWORD_TEXT);}builder.build(domDoc, token.getUsername (), token.getPassword());Element header = (Element)(domDoc.getElementsByTagName("SOAP-ENV:Header").item(0));//SOAPHeader header = Axis2Util.getSOAPFactory(envelope);//SOAPFactory factory = Axis2Util.getSOAPFactory (envelope);OMElement headerElm = (OMElement) (Axis2Util.toOM(header));envelope.getBody().insertSiblingBefore(headerElm);These are only some experimental codes.I assume the SOAPEnvelope has been constructed. What these code snippet is more of a handler. There may be other ways to do it. AsRuchith said, you can also take advantage of Axis2 security module.Regards,XinjunOn 4/6/06, Daniel Destro < [EMAIL PROTECTED]> wrote:> Hi Xinjun,>> As I can see you are trying to add some Security to your Web Services,> right?>> Are you doing a User Authentication / Authorization using this > UsernameToken?>> I need to do that!>> How do add UsernameToken into to the SOAP request and how do u read /> validate UsernameToken from the SOAP request (server-side) ???> > Thanks> Daniel>
Re: Order of SOAPHeader and SOAPBody
Xinjun Chen wrote: > Hi Eran, > > Could you tell me what files are modified to fix this bug? http://svn.apache.org/viewcvs?rev=391602&view=rev signature.asc Description: OpenPGP digital signature
Re: Order of SOAPHeader and SOAPBody
Yep ... sounds good... :-) Please try it out and let us know if you run into any issues Thanks, Ruchith On 4/6/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > Hi Ruchith, > > Your reference is extremely useful! Thank you very much. > What I am trying to is to use security module at the server side, and > use some other handlers at the client side. I am testing the > interoperability between my proprietary module and the Axis2 security > module. Am i on the right track to do the work? > > > Regards, > Xinjun > > On 4/6/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > > Hi, > > > > If you are using Axis2 you can use the Axis2 security module [1] to do this. > > > > Please see this simple how-to [2] document and try it out. > > > > Example: > > client's configured axis2.xml file - [3] > > the service's services.xml file - [4] > > > > Thanks, > > Ruchith > > > > [1] > > http://www.apache.org/dyn/mirrors/mirrors.cgi/ws/axis2/modules/wss4j/0_95/security-0.95.mar > > [2] http://ws.apache.org/axis2/0_95/security-module.html > > [3] > > https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml > > [4] > > https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml > > > > On 4/5/06, Daniel Destro <[EMAIL PROTECTED]> wrote: > > > Hi Xinjun, > > > > > > As I can see you are trying to add some Security to your Web Services, > > > right? > > > > > > Are you doing a User Authentication / Authorization using this > > > UsernameToken? > > > > > > I need to do that! > > > > > > How do add UsernameToken into to the SOAP request and how do u read / > > > validate UsernameToken from the SOAP request (server-side) ??? > > > > > > Thanks > > > Daniel > > > > > >
Re: Order of SOAPHeader and SOAPBody
Hi Eran, Could you tell me what files are modified to fix this bug? Regards, Xinjun On 4/6/06, Eran Chinthaka <[EMAIL PROTECTED]> wrote: > Hi Xinjun, > > We can not fix any bugs in releases (unfortunately). But I fixed that in > the latest svn head. So you need to build against the current svn. > Do not worry, checking out Axis2 sources and building it is very simple, > as we have maven as our build tool. > > (But in case, if you get any problems, please ask it here ;) ) > > -- Chinthaka > > Xinjun Chen wrote: > > Hi Eran, > > > > Thank you! > > Did you fix the bug in Axis2 0.94 or 0.95? I am using Axis2 0.94. Must > > I upgrade to 0.95? > > > > Regards, > > Xinjun > > > > On 4/6/06, Eran Chinthaka <[EMAIL PROTECTED]> wrote: > >> Hi Xinjun, > >> > >> There was a known bug in SOAPEnvelope, which is the same pointed out > >> also. I fixed it and now you can add SOAPHeader now to SOAPEnvelope and > >> that will be added properly now. > >> > >> -- Chinthaka > >> > >> Xinjun Chen wrote: > >>> I found a walk-around. > >>> > >>> envelope.getBody().insertSiblingBefore(headerElm); > >>> > >>> This will add the header OMElement into the envelope. However, the > >>> Header added is only considered as a child element of envelope, not a > >>> SOAPHeader. Thus if I call envelope.getHeader(), I will get exception. > >>> > >>> Regards, > >>> Xinjun > >>> > >>> On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > I am using the following function to add UsernameToken to my security > header. But the processed envelope get some problems. > 1. The Header is placed after the body. How can I insert SOAPHeader > before SOAPBody? > 2. The security header defines the xmlns:xsd and xmlns:xsi again, > which have already been defined in . > > Could you give me some advice on how to solve the above two problems? > > Attached: > > 1) The function used for adding username token to the envelope: > > public void addUsernameTokens(UsernameToken token, final SOAPEnvelope > envelope) throws Exception { > Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); > WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); > if (token.isDigested()) { > builder.setPasswordType(WSConstants.PASSWORD_DIGEST); > } else { > builder.setPasswordTyp(WSConstants.PASSWORD_TEXT); > } > > builder.build(domDoc, token.getUsername(), token.getPassword()); > Element header = (Element) > (domDoc.getElementsByTagName("wsse:Security").item(0)); > OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); > SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); > factory.createSOAPHeader(envelope); > envelope.getHeader().addChild(headerElm); > } > > 2): The original soap envelope: > > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > > http://services/helloworld";> > Hello world! > > > > > 3): The processed soap envelope: > > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > > http://services/helloworld";> > Hello world! > > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > xinjun Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password > > >> > >> > >> > >> > > > > > > >
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun, We can not fix any bugs in releases (unfortunately). But I fixed that in the latest svn head. So you need to build against the current svn. Do not worry, checking out Axis2 sources and building it is very simple, as we have maven as our build tool. (But in case, if you get any problems, please ask it here ;) ) -- Chinthaka Xinjun Chen wrote: > Hi Eran, > > Thank you! > Did you fix the bug in Axis2 0.94 or 0.95? I am using Axis2 0.94. Must > I upgrade to 0.95? > > Regards, > Xinjun > > On 4/6/06, Eran Chinthaka <[EMAIL PROTECTED]> wrote: >> Hi Xinjun, >> >> There was a known bug in SOAPEnvelope, which is the same pointed out >> also. I fixed it and now you can add SOAPHeader now to SOAPEnvelope and >> that will be added properly now. >> >> -- Chinthaka >> >> Xinjun Chen wrote: >>> I found a walk-around. >>> >>> envelope.getBody().insertSiblingBefore(headerElm); >>> >>> This will add the header OMElement into the envelope. However, the >>> Header added is only considered as a child element of envelope, not a >>> SOAPHeader. Thus if I call envelope.getHeader(), I will get exception. >>> >>> Regards, >>> Xinjun >>> >>> On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: I am using the following function to add UsernameToken to my security header. But the processed envelope get some problems. 1. The Header is placed after the body. How can I insert SOAPHeader before SOAPBody? 2. The security header defines the xmlns:xsd and xmlns:xsi again, which have already been defined in . Could you give me some advice on how to solve the above two problems? Attached: 1) The function used for adding username token to the envelope: public void addUsernameTokens(UsernameToken token, final SOAPEnvelope envelope) throws Exception { Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); if (token.isDigested()) { builder.setPasswordType(WSConstants.PASSWORD_DIGEST); } else { builder.setPasswordTyp(WSConstants.PASSWORD_TEXT); } builder.build(domDoc, token.getUsername(), token.getPassword()); Element header = (Element) (domDoc.getElementsByTagName("wsse:Security").item(0)); OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); factory.createSOAPHeader(envelope); envelope.getHeader().addChild(headerElm); } 2): The original soap envelope: >>> xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> http://services/helloworld";> Hello world! 3): The processed soap envelope: >>> xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> http://services/helloworld";> Hello world! >>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> xinjun>>> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password >> >> >> >> > signature.asc Description: OpenPGP digital signature
Re: Order of SOAPHeader and SOAPBody
Hi Ruchith, Your reference is extremely useful! Thank you very much. What I am trying to is to use security module at the server side, and use some other handlers at the client side. I am testing the interoperability between my proprietary module and the Axis2 security module. Am i on the right track to do the work? Regards, Xinjun On 4/6/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > Hi, > > If you are using Axis2 you can use the Axis2 security module [1] to do this. > > Please see this simple how-to [2] document and try it out. > > Example: > client's configured axis2.xml file - [3] > the service's services.xml file - [4] > > Thanks, > Ruchith > > [1] > http://www.apache.org/dyn/mirrors/mirrors.cgi/ws/axis2/modules/wss4j/0_95/security-0.95.mar > [2] http://ws.apache.org/axis2/0_95/security-module.html > [3] > https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml > [4] > https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml > > On 4/5/06, Daniel Destro <[EMAIL PROTECTED]> wrote: > > Hi Xinjun, > > > > As I can see you are trying to add some Security to your Web Services, > > right? > > > > Are you doing a User Authentication / Authorization using this > > UsernameToken? > > > > I need to do that! > > > > How do add UsernameToken into to the SOAP request and how do u read / > > validate UsernameToken from the SOAP request (server-side) ??? > > > > Thanks > > Daniel > > >
Re: Order of SOAPHeader and SOAPBody
Hi Daniel, I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope. Some sample codes: Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); // Add the UserNameToken. WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); if (token.isDigested()) { builder.setPasswordType(WSConstants.PASSWORD_DIGEST); } else { builder.setPasswordType(WSConstants.PASSWORD_TEXT); } builder.build(domDoc, token.getUsername(), token.getPassword()); Element header = (Element) (domDoc.getElementsByTagName("SOAP-ENV:Header").item(0)); //SOAPHeader header = Axis2Util.getSOAPFactory(envelope); //SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); envelope.getBody().insertSiblingBefore(headerElm); These are only some experimental codes. I assume the SOAPEnvelope has been constructed. What these code snippet is more of a handler. There may be other ways to do it. As Ruchith said, you can also take advantage of Axis2 security module. Regards, Xinjun On 4/6/06, Daniel Destro <[EMAIL PROTECTED]> wrote: > Hi Xinjun, > > As I can see you are trying to add some Security to your Web Services, > right? > > Are you doing a User Authentication / Authorization using this > UsernameToken? > > I need to do that! > > How do add UsernameToken into to the SOAP request and how do u read / > validate UsernameToken from the SOAP request (server-side) ??? > > Thanks > Daniel >
Re: Order of SOAPHeader and SOAPBody
Hi Eran, Thank you! Did you fix the bug in Axis2 0.94 or 0.95? I am using Axis2 0.94. Must I upgrade to 0.95? Regards, Xinjun On 4/6/06, Eran Chinthaka <[EMAIL PROTECTED]> wrote: > Hi Xinjun, > > There was a known bug in SOAPEnvelope, which is the same pointed out > also. I fixed it and now you can add SOAPHeader now to SOAPEnvelope and > that will be added properly now. > > -- Chinthaka > > Xinjun Chen wrote: > > I found a walk-around. > > > > envelope.getBody().insertSiblingBefore(headerElm); > > > > This will add the header OMElement into the envelope. However, the > > Header added is only considered as a child element of envelope, not a > > SOAPHeader. Thus if I call envelope.getHeader(), I will get exception. > > > > Regards, > > Xinjun > > > > On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > >> I am using the following function to add UsernameToken to my security > >> header. But the processed envelope get some problems. > >> 1. The Header is placed after the body. How can I insert SOAPHeader > >> before SOAPBody? > >> 2. The security header defines the xmlns:xsd and xmlns:xsi again, > >> which have already been defined in . > >> > >> Could you give me some advice on how to solve the above two problems? > >> > >> Attached: > >> > >> 1) The function used for adding username token to the envelope: > >> > >> public void addUsernameTokens(UsernameToken token, final SOAPEnvelope > >> envelope) throws Exception { > >>Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); > >>WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); > >>if (token.isDigested()) { > >>builder.setPasswordType(WSConstants.PASSWORD_DIGEST); > >>} else { > >>builder.setPasswordTyp(WSConstants.PASSWORD_TEXT); > >>} > >> > >>builder.build(domDoc, token.getUsername(), token.getPassword()); > >>Element header = (Element) > >> (domDoc.getElementsByTagName("wsse:Security").item(0)); > >>OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); > >>SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); > >>factory.createSOAPHeader(envelope); > >>envelope.getHeader().addChild(headerElm); > >> } > >> > >> 2): The original soap envelope: > >> > >> >> xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > >> > >> http://services/helloworld";> > >> Hello world! > >> > >> > >> > >> > >> 3): The processed soap envelope: > >> > >> >> xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > >> > >> http://services/helloworld";> > >> Hello world! > >> > >> > >> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > >> xinjun >> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password > >> > > > > > > >
Re: Order of SOAPHeader and SOAPBody
Hi, If you are using Axis2 you can use the Axis2 security module [1] to do this. Please see this simple how-to [2] document and try it out. Example: client's configured axis2.xml file - [3] the service's services.xml file - [4] Thanks, Ruchith [1] http://www.apache.org/dyn/mirrors/mirrors.cgi/ws/axis2/modules/wss4j/0_95/security-0.95.mar [2] http://ws.apache.org/axis2/0_95/security-module.html [3] https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml [4] https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml On 4/5/06, Daniel Destro <[EMAIL PROTECTED]> wrote: > Hi Xinjun, > > As I can see you are trying to add some Security to your Web Services, > right? > > Are you doing a User Authentication / Authorization using this > UsernameToken? > > I need to do that! > > How do add UsernameToken into to the SOAP request and how do u read / > validate UsernameToken from the SOAP request (server-side) ??? > > Thanks > Daniel >
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun,As I can see you are trying to add some Security to your Web Services, right?Are you doing a User Authentication / Authorization using this UsernameToken?I need to do that!How do add UsernameToken into to the SOAP request and how do u read / validate UsernameToken from the SOAP request (server-side) ??? ThanksDaniel
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun, There was a known bug in SOAPEnvelope, which is the same pointed out also. I fixed it and now you can add SOAPHeader now to SOAPEnvelope and that will be added properly now. -- Chinthaka Xinjun Chen wrote: > I found a walk-around. > > envelope.getBody().insertSiblingBefore(headerElm); > > This will add the header OMElement into the envelope. However, the > Header added is only considered as a child element of envelope, not a > SOAPHeader. Thus if I call envelope.getHeader(), I will get exception. > > Regards, > Xinjun > > On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: >> I am using the following function to add UsernameToken to my security >> header. But the processed envelope get some problems. >> 1. The Header is placed after the body. How can I insert SOAPHeader >> before SOAPBody? >> 2. The security header defines the xmlns:xsd and xmlns:xsi again, >> which have already been defined in . >> >> Could you give me some advice on how to solve the above two problems? >> >> Attached: >> >> 1) The function used for adding username token to the envelope: >> >> public void addUsernameTokens(UsernameToken token, final SOAPEnvelope >> envelope) throws Exception { >>Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); >>WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); >>if (token.isDigested()) { >>builder.setPasswordType(WSConstants.PASSWORD_DIGEST); >>} else { >>builder.setPasswordTyp(WSConstants.PASSWORD_TEXT); >>} >> >>builder.build(domDoc, token.getUsername(), token.getPassword()); >>Element header = (Element) >> (domDoc.getElementsByTagName("wsse:Security").item(0)); >>OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); >>SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); >>factory.createSOAPHeader(envelope); >>envelope.getHeader().addChild(headerElm); >> } >> >> 2): The original soap envelope: >> >> > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";> >> >> http://services/helloworld";> >> Hello world! >> >> >> >> >> 3): The processed soap envelope: >> >> > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";> >> >> http://services/helloworld";> >> Hello world! >> >> >> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> xmlns:xsd="http://www.w3.org/2001/XMLSchema";> >> xinjun> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password >> > signature.asc Description: OpenPGP digital signature
Re: Order of SOAPHeader and SOAPBody
I found a walk-around. envelope.getBody().insertSiblingBefore(headerElm); This will add the header OMElement into the envelope. However, the Header added is only considered as a child element of envelope, not a SOAPHeader. Thus if I call envelope.getHeader(), I will get exception. Regards, Xinjun On 4/5/06, Xinjun Chen <[EMAIL PROTECTED]> wrote: > I am using the following function to add UsernameToken to my security > header. But the processed envelope get some problems. > 1. The Header is placed after the body. How can I insert SOAPHeader > before SOAPBody? > 2. The security header defines the xmlns:xsd and xmlns:xsi again, > which have already been defined in . > > Could you give me some advice on how to solve the above two problems? > > Attached: > > 1) The function used for adding username token to the envelope: > > public void addUsernameTokens(UsernameToken token, final SOAPEnvelope > envelope) throws Exception { >Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); >WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); >if (token.isDigested()) { >builder.setPasswordType(WSConstants.PASSWORD_DIGEST); >} else { >builder.setPasswordTyp(WSConstants.PASSWORD_TEXT); >} > >builder.build(domDoc, token.getUsername(), token.getPassword()); >Element header = (Element) > (domDoc.getElementsByTagName("wsse:Security").item(0)); >OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); >SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); >factory.createSOAPHeader(envelope); >envelope.getHeader().addChild(headerElm); > } > > 2): The original soap envelope: > > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > > http://services/helloworld";> > Hello world! > > > > > 3): The processed soap envelope: > > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > > http://services/helloworld";> > Hello world! > > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > xinjun Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password >
Order of SOAPHeader and SOAPBody
I am using the following function to add UsernameToken to my security header. But the processed envelope get some problems. 1. The Header is placed after the body. How can I insert SOAPHeader before SOAPBody? 2. The security header defines the xmlns:xsd and xmlns:xsi again, which have already been defined in . Could you give me some advice on how to solve the above two problems? Attached: 1) The function used for adding username token to the envelope: public void addUsernameTokens(UsernameToken token, final SOAPEnvelope envelope) throws Exception { Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope); WSSAddUsernameToken builder = new WSSAddUsernameToken("", false); if (token.isDigested()) { builder.setPasswordType(WSConstants.PASSWORD_DIGEST); } else { builder.setPasswordTyp(WSConstants.PASSWORD_TEXT); } builder.build(domDoc, token.getUsername(), token.getPassword()); Element header = (Element) (domDoc.getElementsByTagName("wsse:Security").item(0)); OMElement headerElm = (OMElement) (Axis2Util.toOM(header)); SOAPFactory factory = Axis2Util.getSOAPFactory(envelope); factory.createSOAPHeader(envelope); envelope.getHeader().addChild(headerElm); } 2): The original soap envelope: http://www.w3.org/2003/05/soap-envelope"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> http://services/helloworld";> Hello world! 3): The processed soap envelope: http://www.w3.org/2003/05/soap-envelope"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> http://services/helloworld";> Hello world! http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> xinjunhttp://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password