wood burning stoves 2.0*
The moose likes Web Services and the fly likes how to implement ws-security in soap request header Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "how to implement ws-security in soap request header" Watch "how to implement ws-security in soap request header" New topic

how to implement ws-security in soap request header

Ramesh Desai

Joined: May 13, 2009
Posts: 3
Hi ,

i am new to web services.

i have to implement soap request using SAAJ API.

i am facing problem in creating soap header. i am not knowing how to implement ws-security for header part.
below is my soap header part .
please help me sort out this.

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-11707096" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>

Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41528
WS-Security is generally configured using config files that are external to the code, but the specifics are particular to the SOAP stack being used; which one are you using?

(If it's Axis1 or Axis2, then you might find a couple articles I wrote on the subject helpful: http://www.javaranch.com/journal/200709/Journal200709.jsp#a3 and http://www.javaranch.com/journal/200603/Journal200603.jsp#a2).

Ping & DNS - my free Android networking tools app
Dan Drillich
Ranch Hand

Joined: Jul 09, 2001
Posts: 1174
When looking at the schema -

I see xsd:any after the Username. So I guess wsse:Password is allowed after the Username.


William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
Don't get me started about those stupid light bulbs.
subject: how to implement ws-security in soap request header