• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

WS Security with Axis

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Hello,

I'm having an issue with Axis and WS Security and i can't seem to find the answer.

I have an Axis client to an endpoint generated with wsdl2java that required WS Security. I tracked down some code at WSS4J, namely



I have defined my own password callback class. However the code does not seem to do anything. No WS Security headers that i can see are getting attached(i am using SOAPUI to verify). Any idea what i'm doing wrong? Is there a different way to add WS Security headers to a Axis client? Any help would be appreciated
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've never tried to apply WS-Security programmatically, but if a solution that works declaratively through external config files is OK, then check out this article I wrote about that: http://www.javaranch.com/journal/200709/Journal200709.jsp#a3
 
Dobrovolschi Andrei
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't really have that option..... the Axis client i am mentioning is part of the southbound interface of an application developed/deployed under JBOSS. I have to enable WS Security on the Axis client(and only there).

 
Saloon Keeper
Posts: 27752
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
SOAP/Web Services has a number of security/encryption points. Here are some that I can think of offhand:

1. Server container security. SSL/TLS on the entire datastream. Access control via container-managed security and URL pattern matching against web.xml. Or, if you prefer the illusion of security while almost certainly lacking its reality, substitute a user-written Do-it-Yourself security interface. However your options for DIY security are more limited when using Axis, unless you plan to muck around inside Axis's source code.

2. Global message security. Encryption of the entire message packet. This keeps the message secure even if the message is then handed off to backend servers. However, routability suffers, since the routing information is also encrypted.

3. Content-only security. Encryption of the message contents, but not the header. Secures data while maintaining routability. However, sometimes the routability itself is informative, so not as secure as global security.

Items #2 and #3 require security built into Axis and must be configured and controlled as part of the Axis configuration. Item #1 is configured as part of the webapp configuration.
 
Dobrovolschi Andrei
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
A small update on my issue, i found that if i generate a WSDD file it works..... however i need to use this endpoint to connect to multiple others, so i cannot have a fixed user/password combination .... since the commands i mentioned do not work, is there a way to change the user property directly into the EngineConfiguration and then initialize the endpoint with that engine config? Something like

engine.getHandler(new QName(<not sure what should go here>)).setOption(WSHandlerConstants.USER, endpointConfig.getUser()) .

Here is my WSDD file
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic