I'm having an issue with Axis and WS Security and I can't seem to find the answer.
I have an Axis client to an endpoint generated with wsdl2java that required WS Security. I tracked down some code at WSS4J, namely
I have defined my own password callback class. However, the code does not seem to do anything. No WS Security headers that I can see are getting attached (I am using SOAPUI to verify). Any idea what I'm doing wrong? Is there a different way to add WS Security headers to an Axis client? Any help would be appreciated.
I don't really have that option... the Axis client I am mentioning is part of the southbound interface of an application developed/deployed under JBOSS. I have to enable WS Security on the Axis client (and only there).
SOAP/Web Services has a number of security/encryption points. Here are some that I can think of offhand:
1. Server container security. SSL/TLS on the entire datastream. Access control via container-managed security and URL pattern matching against web.xml. Or, if you prefer the illusion of security while almost certainly lacking its reality, substitute a user-written Do-it-Yourself security interface. However your options for DIY security are more limited when using Axis, unless you plan to muck around inside Axis's source code.
2. Global message security. Encryption of the entire message packet. This keeps the message secure even if the message is then handed off to backend servers. However, routability suffers, since the routing information is also encrypted.
3. Content-only security. Encryption of the message contents, but not the header. Secures data while maintaining routability. However, sometimes the routability itself is informative, so not as secure as global security.
Items #2 and #3 require security built into Axis and must be configured and controlled as part of the Axis configuration. Item #1 is configured as part of the webapp configuration.
An IDE is no substitute for an Intelligent Developer.
A small update on my issue: I found that if I generate a WSDD file it works... however, I need to use this endpoint to connect to multiple others, so I cannot have a fixed user/password combination... Since the commands I mentioned do not work, is there a way to change the user property directly in the EngineConfiguration and then initialize the endpoint with that engine config? Something like
engine.getHandler(new QName(<not sure what should go here>)).setOption(WSHandlerConstants.USER, endpointConfig.getUser()) .
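One way to get per-endpoint credentials without a fixed user in a WSDD file, as an added example that is not code from the thread: deploy the WSS4J sender handler programmatically and set the user and password callback on each stub. It assumes Axis 1.x with WSS4J 1.5.x package names and a UsernameToken with password digest; the class and method names (WsSecurityClientConfig, usernameTokenConfig, setCredentials) are hypothetical, and the returned configuration is meant to be passed to the wsdl2java-generated locator's EngineConfiguration constructor.

```java
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.axis.EngineConfiguration;
import org.apache.axis.SimpleChain;
import org.apache.axis.SimpleTargetedChain;
import org.apache.axis.client.Stub;
import org.apache.axis.configuration.SimpleProvider;
import org.apache.axis.transport.http.HTTPSender;
import org.apache.axis.transport.http.HTTPTransport;
import org.apache.ws.axis.security.WSDoAllSender;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.handler.WSHandlerConstants;

public class WsSecurityClientConfig { // hypothetical helper class

    /** Engine config with WSDoAllSender on the HTTP request flow; no credentials stored here. */
    public static EngineConfiguration usernameTokenConfig() {
        WSDoAllSender sender = new WSDoAllSender();
        sender.setOption(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
        sender.setOption(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
        SimpleChain request = new SimpleChain();
        request.addHandler(sender);
        SimpleProvider config = new SimpleProvider();
        config.deployTransport(HTTPTransport.DEFAULT_TRANSPORT_NAME,
                new SimpleTargetedChain(request, new HTTPSender(), new SimpleChain()));
        return config;
    }

    /** Per-endpoint credentials go on the stub; the handler reads them from the message context. */
    public static void setCredentials(Stub stub, String user, final char[] password) {
        stub._setProperty(WSHandlerConstants.USER, user);
        stub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {
            public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
                for (int i = 0; i < cbs.length; i++) {
                    if (!(cbs[i] instanceof WSPasswordCallback)) {
                        throw new UnsupportedCallbackException(cbs[i]);
                    }
                    ((WSPasswordCallback) cbs[i]).setPassword(new String(password));
                }
            }
        });
    }
}
```

Because the handler carries only the action and password type, one engine configuration can serve every endpoint while each stub supplies its own user and callback.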