File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Services and the fly likes how to implement ws-security in soap request header Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "how to implement ws-security in soap request header" Watch "how to implement ws-security in soap request header" New topic
Author

how to implement ws-security in soap request header

Ramesh Desai
Greenhorn

Joined: May 13, 2009
Posts: 3
Hi ,

i am new to web services.

i have to implement soap request using SAAJ API.

i am facing problem in creating soap header. i am not knowing how to implement ws-security for header part.
below is my soap header part .
please help me sort out this.

<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-11707096" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>USERID</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>


Thanks,
Ramesh
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41088
    
  43
WS-Security is generally configured using config files that are external to the code, but the specifics are particular to the SOAP stack being used; which one are you using?

(If it's Axis1 or Axis2, then you might find a couple articles I wrote on the subject helpful: http://www.javaranch.com/journal/200709/Journal200709.jsp#a3 and http://www.javaranch.com/journal/200603/Journal200603.jsp#a2).


Ping & DNS - my free Android networking tools app
Dan Drillich
Ranch Hand

Joined: Jul 09, 2001
Posts: 1167
When looking at the schema -



I see xsd:any after the Username. So I guess wsse:Password is allowed after the Username.

Regards,
Dan


William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: how to implement ws-security in soap request header
 
Similar Threads
Custom UsernameToken?
wsse wss4j with axis client
HeaderElements must be namespace qualified when create soap client
Web Servives security
Basic authentication soap header values?