Re: Order of SOAPHeader and SOAPBody
Thanks again, Xinjun. Very valuable hint. I used the WSS4J tutorial (http://ws.apache.org/wss4j/axis.html ) and example page ( http://ws.apache.org/wss4j/package.html ), but I could not get the client working. After I configured the WSDoAllReceiver, it requires the credentials. OK! But I changed my client to add the UsernameToken, but it does not add it to the SOAP request. My code is like this: MyServiceLocator serv = new MyServiceLocator(); MyService port = serv.getMyService(); Stub stub = (Stub) port; stub._setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PASSWORD_TEXT); stub._setProperty(WSHandlerConstants.USER, werner); stub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, new PWCallback()); port.myMethod( someParam ); The SOAP is still the same, with no UsernameToken. What I am doing worng?? Thanks On 4/6/06, Xinjun Chen [EMAIL PROTECTED] wrote: Hi Daniel,To be specific, I tried wss4j using the Axis 1.3 library. Thefollowing article may be useful to you. http://www.devx.com/Java/Article/28816/0/page/1The author uses Axis 1.x library.Regards,Xinjun
Re: Order of SOAPHeader and SOAPBody
But if Iconfigure the client_deploy.wsdd and use it like this: EngineConfiguration config = new FileProvider(client_deploy.wsdd);StockQuoteServiceService locator = new StockQuoteServiceServiceLocator(config); It works! Programmatically it does NOT work... very strange! My Web Service client runs in Oracle (PL/SQL) or other technology other than Java, so encoding the password will a problem for them, right? What should I do (adopt) to easy my client´s usage? ps: using Axis 1.3. Thanks Daniel On 4/7/06, Daniel Destro [EMAIL PROTECTED] wrote: Thanks again, Xinjun. Very valuable hint. I used the WSS4J tutorial (http://ws.apache.org/wss4j/axis.html ) and example page ( http://ws.apache.org/wss4j/package.html ), but I could not get the client working. After I configured the WSDoAllReceiver, it requires the credentials. OK! But I changed my client to add the UsernameToken, but it does not add it to the SOAP request. My code is like this: MyServiceLocator serv = new MyServiceLocator(); MyService port = serv.getMyService(); Stub stub = (Stub) port; stub._setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PASSWORD_TEXT); stub._setProperty(WSHandlerConstants.USER, werner); stub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, new PWCallback()); port.myMethod( someParam ); The SOAP is still the same, with no UsernameToken. What I am doing worng?? Thanks On 4/6/06, Xinjun Chen [EMAIL PROTECTED] wrote: Hi Daniel, To be specific, I tried wss4j using the Axis 1.3 library. Thefollowing article may be useful to you. http://www.devx.com/Java/Article/28816/0/page/1The author uses Axis 1.x library.Regards,Xinjun
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun,Thanks.I've just realized that u're using Axis2. I am using Axis 1.3 yet.Can I use wss4j with Axis 1.3?Where are u from?Thanks againDaniel - Brasil
On 4/5/06, Xinjun Chen [EMAIL PROTECTED] wrote:
Hi Daniel,I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope.Some sample codes:Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope);// Add the UserNameToken.WSSAddUsernameToken builder = new WSSAddUsernameToken(, false);
if (token.isDigested()) {builder.setPasswordType(WSConstants.PASSWORD_DIGEST);} else {builder.setPasswordType(WSConstants.PASSWORD_TEXT);}builder.build(domDoc, token.getUsername
(), token.getPassword());Element header = (Element)(domDoc.getElementsByTagName(SOAP-ENV:Header).item(0));//SOAPHeader header = Axis2Util.getSOAPFactory(envelope);//SOAPFactory factory = Axis2Util.getSOAPFactory
(envelope);OMElement headerElm = (OMElement) (Axis2Util.toOM(header));envelope.getBody().insertSiblingBefore(headerElm);These are only some experimental codes.I assume the SOAPEnvelope has been constructed. What these code
snippet is more of a handler. There may be other ways to do it. AsRuchith said, you can also take advantage of Axis2 security module.Regards,XinjunOn 4/6/06, Daniel Destro
[EMAIL PROTECTED] wrote: Hi Xinjun, As I can see you are trying to add some Security to your Web Services, right? Are you doing a User Authentication / Authorization using this
UsernameToken? I need to do that! How do add UsernameToken into to the SOAP request and how do u read / validate UsernameToken from the SOAP request (server-side) ???
Thanks Daniel
Re: Order of SOAPHeader and SOAPBody
Hi Daniel,
Yes, you can use wss4j with Axis 1.3. I tried that before.
Regards,
Xinjun
On 4/7/06, Daniel Destro [EMAIL PROTECTED] wrote:
Hi Xinjun,
Thanks.
I've just realized that u're using Axis2. I am using Axis 1.3 yet.
Can I use wss4j with Axis 1.3?
Where are u from?
Thanks again
Daniel - Brasil
On 4/5/06, Xinjun Chen [EMAIL PROTECTED] wrote:
Hi Daniel,
I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope.
Some sample codes:
Document domDoc =
Axis2Util.getDocumentFromSOAPEnvelope(envelope);
// Add the UserNameToken.
WSSAddUsernameToken builder = new WSSAddUsernameToken(, false);
if (token.isDigested()) {
builder.setPasswordType(WSConstants.PASSWORD_DIGEST);
} else {
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
}
builder.build(domDoc, token.getUsername (), token.getPassword());
Element header = (Element)
(domDoc.getElementsByTagName(SOAP-ENV:Header).item(0));
//SOAPHeader header = Axis2Util.getSOAPFactory(envelope);
//SOAPFactory factory = Axis2Util.getSOAPFactory (envelope);
OMElement headerElm = (OMElement) (Axis2Util.toOM(header));
envelope.getBody().insertSiblingBefore(headerElm);
These are only some experimental codes.
I assume the SOAPEnvelope has been constructed. What these code
snippet is more of a handler. There may be other ways to do it. As
Ruchith said, you can also take advantage of Axis2 security module.
Regards,
Xinjun
On 4/6/06, Daniel Destro [EMAIL PROTECTED] wrote:
Hi Xinjun,
As I can see you are trying to add some Security to your Web Services,
right?
Are you doing a User Authentication / Authorization using this
UsernameToken?
I need to do that!
How do add UsernameToken into to the SOAP request and how do u read /
validate UsernameToken from the SOAP request (server-side) ???
Thanks
Daniel
Re: Order of SOAPHeader and SOAPBody
Hi Daniel,
To be specific, I tried wss4j using the Axis 1.3 library. The
following article may be useful to you.
http://www.devx.com/Java/Article/28816/0/page/1
The author uses Axis 1.x library.
Regards,
Xinjun
On 4/7/06, Xinjun Chen [EMAIL PROTECTED] wrote:
Hi Daniel,
Yes, you can use wss4j with Axis 1.3. I tried that before.
Regards,
Xinjun
On 4/7/06, Daniel Destro [EMAIL PROTECTED] wrote:
Hi Xinjun,
Thanks.
I've just realized that u're using Axis2. I am using Axis 1.3 yet.
Can I use wss4j with Axis 1.3?
Where are u from?
Thanks again
Daniel - Brasil
On 4/5/06, Xinjun Chen [EMAIL PROTECTED] wrote:
Hi Daniel,
I take advantage of WSS4J to add UsernameToken to the SOAPEnvelope.
Some sample codes:
Document domDoc =
Axis2Util.getDocumentFromSOAPEnvelope(envelope);
// Add the UserNameToken.
WSSAddUsernameToken builder = new WSSAddUsernameToken(, false);
if (token.isDigested()) {
builder.setPasswordType(WSConstants.PASSWORD_DIGEST);
} else {
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
}
builder.build(domDoc, token.getUsername (), token.getPassword());
Element header = (Element)
(domDoc.getElementsByTagName(SOAP-ENV:Header).item(0));
//SOAPHeader header = Axis2Util.getSOAPFactory(envelope);
//SOAPFactory factory = Axis2Util.getSOAPFactory (envelope);
OMElement headerElm = (OMElement) (Axis2Util.toOM(header));
envelope.getBody().insertSiblingBefore(headerElm);
These are only some experimental codes.
I assume the SOAPEnvelope has been constructed. What these code
snippet is more of a handler. There may be other ways to do it. As
Ruchith said, you can also take advantage of Axis2 security module.
Regards,
Xinjun
On 4/6/06, Daniel Destro [EMAIL PROTECTED] wrote:
Hi Xinjun,
As I can see you are trying to add some Security to your Web Services,
right?
Are you doing a User Authentication / Authorization using this
UsernameToken?
I need to do that!
How do add UsernameToken into to the SOAP request and how do u read /
validate UsernameToken from the SOAP request (server-side) ???
Thanks
Daniel
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun,
There was a known bug in SOAPEnvelope, which is the same pointed out
also. I fixed it and now you can add SOAPHeader now to SOAPEnvelope and
that will be added properly now.
-- Chinthaka
Xinjun Chen wrote:
I found a walk-around.
envelope.getBody().insertSiblingBefore(headerElm);
This will add the header OMElement into the envelope. However, the
Header added is only considered as a child element of envelope, not a
SOAPHeader. Thus if I call envelope.getHeader(), I will get exception.
Regards,
Xinjun
On 4/5/06, Xinjun Chen [EMAIL PROTECTED] wrote:
I am using the following function to add UsernameToken to my security
header. But the processed envelope get some problems.
1. The Header is placed after the body. How can I insert SOAPHeader
before SOAPBody?
2. The security header defines the xmlns:xsd and xmlns:xsi again,
which have already been defined in SOAP-ENV:Envelope.
Could you give me some advice on how to solve the above two problems?
Attached:
1) The function used for adding username token to the envelope:
public void addUsernameTokens(UsernameToken token, final SOAPEnvelope
envelope) throws Exception {
Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope);
WSSAddUsernameToken builder = new WSSAddUsernameToken(, false);
if (token.isDigested()) {
builder.setPasswordType(WSConstants.PASSWORD_DIGEST);
} else {
builder.setPasswordTyp(WSConstants.PASSWORD_TEXT);
}
builder.build(domDoc, token.getUsername(), token.getPassword());
Element header = (Element)
(domDoc.getElementsByTagName(wsse:Security).item(0));
OMElement headerElm = (OMElement) (Axis2Util.toOM(header));
SOAPFactory factory = Axis2Util.getSOAPFactory(envelope);
factory.createSOAPHeader(envelope);
envelope.getHeader().addChild(headerElm);
}
2): The original soap envelope:
?xml version='1.0' encoding='utf-8'?SOAP-ENV:Envelope
xmlns:SOAP-ENV=http://www.w3.org/2003/05/soap-envelope;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
SOAP-ENV:Body
sayHello xmlns=http://services/helloworld;
valueHello world!/value
/sayHello
/SOAP-ENV:Body
/SOAP-ENV:Envelope
3): The processed soap envelope:
?xml version='1.0' encoding='utf-8'?SOAP-ENV:Envelope
xmlns:SOAP-ENV=http://www.w3.org/2003/05/soap-envelope;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
SOAP-ENV:Body
sayHello xmlns=http://services/helloworld;
valueHello world!/value
/sayHello
/SOAP-ENV:Body
SOAP-ENV:Headerwsse:Security
xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
wsse:UsernameTokenwsse:Usernamexinjun/wsse:Usernamewsse:Password
Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText;password/wsse:Password/wsse:UsernameToken/wsse:Security/SOAP-ENV:Header/SOAP-ENV:Envelope
signature.asc
Description: OpenPGP digital signature
Re: Order of SOAPHeader and SOAPBody
Hi Xinjun,As I can see you are trying to add some Security to your Web Services, right?Are you doing a User Authentication / Authorization using this UsernameToken?I need to do that!How do add UsernameToken into to the SOAP request and how do u read / validate UsernameToken from the SOAP request (server-side) ??? ThanksDaniel
Re: Order of SOAPHeader and SOAPBody
Hi, If you are using Axis2 you can use the Axis2 security module [1] to do this. Please see this simple how-to [2] document and try it out. Example: client's configured axis2.xml file - [3] the service's services.xml file - [4] Thanks, Ruchith [1] http://www.apache.org/dyn/mirrors/mirrors.cgi/ws/axis2/modules/wss4j/0_95/security-0.95.mar [2] http://ws.apache.org/axis2/0_95/security-module.html [3] https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.client.axis2.xml [4] https://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test-resources/security/s1.service.xml On 4/5/06, Daniel Destro [EMAIL PROTECTED] wrote: Hi Xinjun, As I can see you are trying to add some Security to your Web Services, right? Are you doing a User Authentication / Authorization using this UsernameToken? I need to do that! How do add UsernameToken into to the SOAP request and how do u read / validate UsernameToken from the SOAP request (server-side) ??? Thanks Daniel
Re: Order of SOAPHeader and SOAPBody
Hi Eran,
Thank you!
Did you fix the bug in Axis2 0.94 or 0.95? I am using Axis2 0.94. Must
I upgrade to 0.95?
Regards,
Xinjun
On 4/6/06, Eran Chinthaka [EMAIL PROTECTED] wrote:
Hi Xinjun,
There was a known bug in SOAPEnvelope, which is the same pointed out
also. I fixed it and now you can add SOAPHeader now to SOAPEnvelope and
that will be added properly now.
-- Chinthaka
Xinjun Chen wrote:
I found a walk-around.
envelope.getBody().insertSiblingBefore(headerElm);
This will add the header OMElement into the envelope. However, the
Header added is only considered as a child element of envelope, not a
SOAPHeader. Thus if I call envelope.getHeader(), I will get exception.
Regards,
Xinjun
On 4/5/06, Xinjun Chen [EMAIL PROTECTED] wrote:
I am using the following function to add UsernameToken to my security
header. But the processed envelope get some problems.
1. The Header is placed after the body. How can I insert SOAPHeader
before SOAPBody?
2. The security header defines the xmlns:xsd and xmlns:xsi again,
which have already been defined in SOAP-ENV:Envelope.
Could you give me some advice on how to solve the above two problems?
Attached:
1) The function used for adding username token to the envelope:
public void addUsernameTokens(UsernameToken token, final SOAPEnvelope
envelope) throws Exception {
Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope);
WSSAddUsernameToken builder = new WSSAddUsernameToken(, false);
if (token.isDigested()) {
builder.setPasswordType(WSConstants.PASSWORD_DIGEST);
} else {
builder.setPasswordTyp(WSConstants.PASSWORD_TEXT);
}
builder.build(domDoc, token.getUsername(), token.getPassword());
Element header = (Element)
(domDoc.getElementsByTagName(wsse:Security).item(0));
OMElement headerElm = (OMElement) (Axis2Util.toOM(header));
SOAPFactory factory = Axis2Util.getSOAPFactory(envelope);
factory.createSOAPHeader(envelope);
envelope.getHeader().addChild(headerElm);
}
2): The original soap envelope:
?xml version='1.0' encoding='utf-8'?SOAP-ENV:Envelope
xmlns:SOAP-ENV=http://www.w3.org/2003/05/soap-envelope;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
SOAP-ENV:Body
sayHello xmlns=http://services/helloworld;
valueHello world!/value
/sayHello
/SOAP-ENV:Body
/SOAP-ENV:Envelope
3): The processed soap envelope:
?xml version='1.0' encoding='utf-8'?SOAP-ENV:Envelope
xmlns:SOAP-ENV=http://www.w3.org/2003/05/soap-envelope;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
SOAP-ENV:Body
sayHello xmlns=http://services/helloworld;
valueHello world!/value
/sayHello
/SOAP-ENV:Body
SOAP-ENV:Headerwsse:Security
xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
wsse:UsernameTokenwsse:Usernamexinjun/wsse:Usernamewsse:Password
Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText;password/wsse:Password/wsse:UsernameToken/wsse:Security/SOAP-ENV:Header/SOAP-ENV:Envelope
Order of SOAPHeader and SOAPBody
I am using the following function to add UsernameToken to my security
header. But the processed envelope get some problems.
1. The Header is placed after the body. How can I insert SOAPHeader
before SOAPBody?
2. The security header defines the xmlns:xsd and xmlns:xsi again,
which have already been defined in SOAP-ENV:Envelope.
Could you give me some advice on how to solve the above two problems?
Attached:
1) The function used for adding username token to the envelope:
public void addUsernameTokens(UsernameToken token, final SOAPEnvelope
envelope) throws Exception {
Document domDoc = Axis2Util.getDocumentFromSOAPEnvelope(envelope);
WSSAddUsernameToken builder = new WSSAddUsernameToken(, false);
if (token.isDigested()) {
builder.setPasswordType(WSConstants.PASSWORD_DIGEST);
} else {
builder.setPasswordTyp(WSConstants.PASSWORD_TEXT);
}
builder.build(domDoc, token.getUsername(), token.getPassword());
Element header = (Element)
(domDoc.getElementsByTagName(wsse:Security).item(0));
OMElement headerElm = (OMElement) (Axis2Util.toOM(header));
SOAPFactory factory = Axis2Util.getSOAPFactory(envelope);
factory.createSOAPHeader(envelope);
envelope.getHeader().addChild(headerElm);
}
2): The original soap envelope:
?xml version='1.0' encoding='utf-8'?SOAP-ENV:Envelope
xmlns:SOAP-ENV=http://www.w3.org/2003/05/soap-envelope;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
SOAP-ENV:Body
sayHello xmlns=http://services/helloworld;
valueHello world!/value
/sayHello
/SOAP-ENV:Body
/SOAP-ENV:Envelope
3): The processed soap envelope:
?xml version='1.0' encoding='utf-8'?SOAP-ENV:Envelope
xmlns:SOAP-ENV=http://www.w3.org/2003/05/soap-envelope;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
SOAP-ENV:Body
sayHello xmlns=http://services/helloworld;
valueHello world!/value
/sayHello
/SOAP-ENV:Body
SOAP-ENV:Headerwsse:Security
xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:xsd=http://www.w3.org/2001/XMLSchema;
wsse:UsernameTokenwsse:Usernamexinjun/wsse:Usernamewsse:Password
Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText;password/wsse:Password/wsse:UsernameToken/wsse:Security/SOAP-ENV:Header/SOAP-ENV:Envelope
