This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Web Services and the fly likes Axis2 username/password Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Axis2 username/password Authentication" Watch "Axis2 username/password Authentication" New topic
Author

Axis2 username/password Authentication

Alan Richardson
Greenhorn

Joined: Mar 05, 2007
Posts: 17
Hi folks,

Does anyone know how to set up handlers and apply a username/password header to a SOAP message using an Axis2 based client?

For instance in Axis 1 I can do the following:



Is it possible to do something similar with the Axis2 / Rampart API? I can only find examples that retrieve the username/password information from XML based descriptors.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41034
    
  43
I'm guessing that there is a way to use Rampart programmatically instead of declaratively, but I've never felt the need to do that. Is there a particular reason you'd like to avoid using deployment descriptors?
[ May 18, 2007: Message edited by: Ulf Dittmer ]

Ping & DNS - my free Android networking tools app
Alan Richardson
Greenhorn

Joined: Mar 05, 2007
Posts: 17
I have a front-end website which consumes the services so when a user inputs a username and password it is saved in a session bean and bundled with each request. Hence the 'user.getUserName()' from the snippet of code above.

Might there be a way of using descriptors for multiple users?
Alan Richardson
Greenhorn

Joined: Mar 05, 2007
Posts: 17
I'm attempting to use the following (based on the example 11 provided with Rampart 1.1), with no joy.






I receive the following error:
java.lang.NullPointerException at com.ctc.wstx.sw.BaseNsStreamWriter.doWriteDefaultNs(BaseNsStreamWriter.java:528)

I can't find much information about this, although I'm actually receiving the same error when sending non-authenticated messages, so the problem may not be related directly to Rampart. (I originally had Axis2-1.2 running but I had to roll back to Axis2-1.1.1 due to Rampart compatibility).

Any ideas?

[ May 21, 2007: Message edited by: Alan Sunley ]
[ May 21, 2007: Message edited by: Alan Sunley ]
Chih-Chieh Huang
Greenhorn

Joined: Jul 01, 2004
Posts: 6
You can find the answer from the following 2 links.

HTTP Transport


Re: AXIS2 1.1.1 problem with BASIC AUTH
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41034
    
  43
Originally posted by Chih-Chieh Huang:
You can find the answer from the following 2 links.

HTTP Transport


Re: AXIS2 1.1.1 problem with BASIC AUTH


These links are about HTTP authentication, not WS-Security authentication (which is really the preferred way, considering the easy availability of Rampart).
Alan Richardson
Greenhorn

Joined: Mar 05, 2007
Posts: 17
I've been experimenting with the RPCServiceClient above and find that I can successfully invoke the service from a java application, but not from within a Tomcat webapp.

It doesn't like that I pass a filled Object array containing the webservice method arguments.



However I can pass an empty Object array ( Object[] operationArguments = new Object[] { }; ) without problem. Not particularly useful since I do need to pass arguments.

Are there any know issues invoking a service this way?


Full error trace:

Nathan McDonald
Greenhorn

Joined: May 14, 2008
Posts: 1
Spent three days trying to figure this out, and this was the top google result so figured i'd put my solution in here for future searchers.

To get this to work, i had to ensure that rampart WASN'T enabled, otherwise I got all sorts of ClassCastExceptions.


import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.soap.impl.dom.SOAPHeaderBlockImpl;
import org.apache.axiom.soap.impl.dom.soap11.SOAP11Factory;
import org.apache.axiom.soap.impl.dom.soap11.SOAP11HeaderBlockImpl;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.databinding.types.NonNegativeInteger;
import org.apache.axis2.databinding.types.PositiveInteger;

...


String username, password;

...


ServiceClient client = stub._getServiceClient();
SOAP11Factory factory = new SOAP11Factory();
OMNamespace SecurityElementNamespace = factory.createOMNamespace("http://schemas.xmlsoap.org/ws/2002/04/secext", "wlm");

OMElement usernameTokenEl = factory.createOMElement("UsernameToken", SecurityElementNamespace);
OMElement usernameEl = factory.createOMElement("Username", SecurityElementNamespace);
OMElement passwordEl = factory.createOMElement("Password", SecurityElementNamespace);
usernameEl.setText(username);
passwordEl.setText(password);
usernameTokenEl.addChild(usernameEl);
usernameTokenEl.addChild(passwordEl);

SOAPHeaderBlockImpl block = new SOAP11HeaderBlockImpl("Security", SecurityElementNamespace, factory);
block.addChild(usernameTokenEl);

client.addHeader(block);
 
wood burning stoves
 
subject: Axis2 username/password Authentication
 
Similar Threads
how to invoke a webservice
Axis + WSS4J, one time authentication?
Axis - Sending large files
SOAPAction
Webservice client code generation using axis2 and eclipse galilio