wood burning stoves
The moose likes Web Services and the fly likes Question on soapheader Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Question on soapheader" Watch "Question on soapheader" New topic

Question on soapheader

Rizwan Mohammad
Ranch Hand

Joined: Sep 02, 2005
Posts: 445
We have been passing user name & password for webservice authentication in header information so many days..
Now i need to get that header information (we pass cookie in header) in my final java implementation class.
Is there any way that I can set that value somewhere in my handler and get it back in my implementation class?
Appreciate your replies.

Rizwan Mohammad
Ranch Hand

Joined: Sep 02, 2005
Posts: 445
I am using apache axis for developing my webserives.
I resolved this issue by making use of messagecontext that comes as a parameter to handler. I set property to messagecontext in handler and getting that property in my java implementation class.

setting in handler-->
msgContext.setProperty("key", "cookie");
getting in java impl class-->
String cookie = MessageContext.getCurrentContext().getProperty("key");

I know its bad idea to use apache axis related code inside java implementation class but I had no other way!
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Is there a particular reason you're not using the standard HTTP authentication mechanism? Which is also an HTTP header, of course, but at least a standardized one. Its client side use is described here, and the server side for Axis is documented here.
[ December 13, 2006: Message edited by: Ulf Dittmer ]
Rizwan Mohammad
Ranch Hand

Joined: Sep 02, 2005
Posts: 445
Hi, Thanks for your references. The reason for not using standard HTTP Basic Authentication is because of our organization standards. We need to follow our organization security standards. With these standards, one has to pass a cookie generated uniquely from the user name, password & environment(test,qa, prod) through soap header with the hearder name given again by standards. We will use their handlers for authentication, authorization, logging as well..
I agree. Here's the link: http://aspose.com/file-tools
subject: Question on soapheader
It's not a secret anymore!