This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I need to incorporate an authentication header (i.e. as a part of SOAP header request) in my new web service. That authentication header will verify the userId and password details. I have to verify the content of request header details for authentication in my Web Service. If authenticated, then the SOAP body of the request will be processed, else Invalid Authentication message will be send back by the Web Service to the client application invoking the service.
I am not able to understand how to create a web service where the SOAP Header will contain some elements(in my case, authentication elements such as userId and password).
Normally, whatever method exposed in the service will come as a part of the SOAP Body. Hence confused how to proceed with adding authentication elements in the SOAP Header.
If I have understood your problem statement, you want to include the SOAP Header in the web service that you will be deploying.
The WSDL will include the Header emement containing userid/password or other details like certificate serial no/SHA2 signature etc
Correct me if I am wrong.
Joined: Oct 13, 2011
Exactly. You have got it correct.
I want the header to be exactly like this:
What i can see as of now is when I create a new web service, all of the information is present in the body part, the header is empty. As a part of the requirement, I want the authentication part to be in header.
Joined: Oct 13, 2011
I tried placing a handler and making the handler entry in the webservice.xml. It worked for me.
But still as the initial requirement goes, i have to embed the authentication details in the SOAP header.
I heard of WSSE but i am creating the web service using JAX-RPC, hence WSSE may not work as it seems to be for JAX-WS.
Please provide some inputs on how to insert authentication elements in SOAP header request in the format i mentioned in #3.
I did nt asked you to provide inputs on the specific IDE/server I am using. I only asked you to give me the basic inputs on the steps of implementing the wsse. Consider anything you worked on before for implementing wsse.
Only i need to know the steps so that i can proceed by myself.
Joined: Mar 22, 2005
Most of what I learned about WS-Security Authentication can be found in two articles I wrote on the subject, using Axis-1 and Axis-2.