wood burning stoves 2.0*
The moose likes Web Services and the fly likes Generate Security Header for Axis 2 with xmlbeans Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Web Services
Bookmark "Generate Security Header for Axis 2 with xmlbeans" Watch "Generate Security Header for Axis 2 with xmlbeans" New topic
Author

Generate Security Header for Axis 2 with xmlbeans

Gunther Mauerkirchner
Greenhorn

Joined: Aug 26, 2010
Posts: 4
Hallo Guys!

I'm new here and just starting with a question.

I'm trying to generate a Security header for Axis. And i get stuck. I can generate all the XML Objects needed: Username Password and Created Timestamp but I'm not able to put it together.



If i try this:


... to put it together I get
org.apache.xmlbeans.impl.store.DomImpl$NotSupportedError: Document nodes may not be imported
at org.apache.xmlbeans.impl.store.DomImpl.document_importNode(DomImpl.java:1038)
at org.apache.xmlbeans.impl.store.DomImpl._document_importNode(DomImpl.java:1020)
at org.apache.xmlbeans.impl.store.Xobj$DocumentXobj.importNode(Xobj.java:2634)
at ch.zh.ksta.c3.dao.PersonArrayDAO.<init>(PersonArrayDAO.java:81)
at ch.zh.ksta.c3.action.Main.searchnp(Main.java:75)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:441)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:280)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:243)
at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:165)


Any Ideas how i get a working security header??
R Srini
Ranch Hand

Joined: Feb 19, 2010
Posts: 215
Hi. I don't know how to programmatically add a security header, but if you can use Apache Rampart, then these links may be useful:

1. http://www.javaranch.com/journal/200709/web-services-authentication-axis2.html
2. http://www.ibm.com/developerworks/java/library/j-jws4/index.html
3. http://www.ibm.com/developerworks/webservices/tutorials/ws-understand-web-services4/
4. http://www.ibm.com/developerworks/java/library/j-jws5/
5. http://wso2.org/library/3190

Its quite a bit of reading, but has lots of good information.

You may also find this thread useful.
Gunther Mauerkirchner
Greenhorn

Joined: Aug 26, 2010
Posts: 4
Thank you for your reply. Is there really no possibility except setting the Header with rampart?
R Srini
Ranch Hand

Joined: Feb 19, 2010
Posts: 215
Hello Gunther. Of course I am sure it is possible. Unfortunately I don't know how to do this manually, but I am sure someone out there knows. Maybe this will help with some more information.

In case you already have the header constructed (I couldn't tell by looking at your code), you can look here on how to add a header to the SOAP envelope. Maybe this is what you were looking for?

But I think it must be complicated enough to handle all aspects of the WS-Security specification that a separate product (Rampart) exists. And with it, the whole security handling becomes a matter of complicated configuration, rather than complicated programming
Gunther Mauerkirchner
Greenhorn

Joined: Aug 26, 2010
Posts: 4
R Srini wrote:And with it, the whole security handling becomes a matter of complicated configuration, rather than complicated programming


Wohooo sounds like having a lot of fun. I will give it a try. Thank you!
Gunther Mauerkirchner
Greenhorn

Joined: Aug 26, 2010
Posts: 4
Damn! I figured out that we are Using Axis only for generating the Beans, so i have no chance to use Rampart. Any more Ideas?
R Srini
Ranch Hand

Joined: Feb 19, 2010
Posts: 215
LOL. Ok. So back to the problem. A few questions:

1. Can you briefly mention the overall context of what you are doing and the software being used?
2. Looks like you are developing a client that consumes a security-enabled web service. Is that correct?
3. Also, what other software are you using, dev environment, etc.
4. Have you looked at this thread that I mentioned earlier? Maybe it will help.
 
GeeCON Prague 2014
 
subject: Generate Security Header for Axis 2 with xmlbeans