File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Services and the fly likes Servlet using SAAJ and HTTP Authorization Header Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Servlet using SAAJ and HTTP Authorization Header" Watch "Servlet using SAAJ and HTTP Authorization Header" New topic

Servlet using SAAJ and HTTP Authorization Header

Julian Noye

Joined: Nov 17, 2008
Posts: 3
Hi Guys

I am trying to create a servlet that uses SAAJ to communicate with a SOAP webservice.

The webservice uses user/pw in the HTTP Authorization header to validate the request.

My problem is I have not been able to set the user/pw in the HTTP header and I get a 401 return code.

I have based my servlet on this example

Here is my code,


import java.util.Iterator;

import javax.servlet.*;
import javax.servlet.http.*;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.MimeHeaders;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConnection;
import javax.xml.soap.SOAPConnectionFactory;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;

import org.w3c.dom.Node;

public class HelloServlet extends HttpServlet{
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException,IOException{

String username = request.getParameter("julian");
String password = request.getParameter("pw");
Integer timeout = new Integer(5*60*1000);
String operation = "getLanguages";
String urn = "LanguagesRequest";
String destination = "";

// First create the connection
SOAPConnectionFactory soapConnFactory = SOAPConnectionFactory.newInstance();
SOAPConnection connection = soapConnFactory.createConnection();

// Next, create the actual message
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage message = messageFactory.createMessage();
SOAPPart soapPart = message.getSOAPPart();
SOAPEnvelope envelope = soapPart.getEnvelope();

// Set HTTP headers.
// This does not work!!!
String authorization = new sun.misc.BASE64Encoder().encode((username+":"+password).getBytes());
MimeHeaders hd = message.getMimeHeaders();
hd.addHeader("Authorization", "Basic " + authorization);

// Create and populate the body
SOAPBody body = envelope.getBody();

// Create the main element and namespace

SOAPElement bodyElement = body.addChildElement(
envelope.createName(operation, "ns1", ""));

// Add parameters
envelope = soapPart.getEnvelope();
SOAPHeader sh = envelope.getHeader();
sh = null;

// Save the message
SOAPMessage msg = message;

// Send the message and get the reply
SOAPMessage reply =, destination);

// Retrieve the result - no error checking is done: BAD!
soapPart = reply.getSOAPPart();

body = envelope.getBody();
Iterator iter = body.getChildElements();
Node resultOuter = ((Node);
Node result = resultOuter.getFirstChild();
//System.out.println("add("+arg1+","+arg2+") = "+result.getNodeValue());

// Close the connection
} catch (Exception e) {

PrintWriter pw = response.getWriter();
pw.println("<head><title>Hello World SC API</title></title>");
pw.println("<h1>Hello World SC API 999.0</h1>");

Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42959
Welcome to JavaRanch.

There's currently a bug in Axis2 that prevents any SOAP headers from being transmitted. I'm trying to get the priority on that one raised, but have no word yet on when it might be fixed.

This means that SAAJ clients can't use HTTP authentication with the Axis2 libraries. The workarounds would be either to use the Axis1 libraries for the client, or to use a JAX-WS client.
[ November 17, 2008: Message edited by: Ulf Dittmer ]
subject: Servlet using SAAJ and HTTP Authorization Header
It's not a secret anymore!