Bookmark Topic Watch Topic
 
friki data migration
Ranch Hand
Posts: 772
  • Mark post as helpful
  • send pies
  • Report post to moderator
This page collects code snippets that demonstrate how to accomplish a variety of tasks useful for implementing web services.


  • How can I set HTTP headers like SOAPAction or Basic Authentication in my SOAP request? (link)
  • With Axis, how can I access authentication information if I use HTTP Authentication? (link)
  • With Axis, how can I find out which service and operation was invoked? (link)
  • What is the simplest possible Java client for a web service? (link)
  • How do I handle WS-Security UsernameTokens with WSS4J? (link)
  • An overview of authentication in Web Services can be found in this JavaRanch Journal article, and there's an update to the article that covers Axis 2 here
  • HowToGetHelpWithSoapWebServices


  • As any other page in this wiki, the page is editable by anyone, so don't hesitate to add useful stuff.


     
    How can I set HTTP headers like SOAPAction or Basic Authentication in my SOAP request?

    This works for both JAXWS SAAJ and Axis.

    If "message" is a SOAPMessage object, it can be done like this:



    Other HTTP headers can be set in the same way, e.g. for Basic Authentication:



    The Base64Coder class can be found here, but there are many packages that perform base64 encoding, including Jakarta Commons Codec.


     
    With Axis, how can I access authentication information if I use HTTP Authentication?

    The following code provides access to the HttpServletRequest, which makes the getRemoteUser, getUserPrincipal, getAuthType and isUserInRole methods available.



    How to get this information using Rampart is described here and here.

    It's also possible to get the client DN out of the public key certificate after authentication:



    Note that this ties you to Axis as the SOAP engine. Going forward it is better to use WS-Security instead of HTTP Authentication. The Apache WSS4J package can be used with Axis to implement this.


     
    With Axis, how can I find out which service and operation was invoked?

    The following code determines both the target service and the operation invoked by the current request.



    An OperationDesc object -which is returned by context.getOperation()- also holds lots of other useful information like parameters, SOAPAction, style, use, etc.


     
    What is the simplest possible Java client for a web service?

    The following code is a SAAJ client for the Calculator.jws web service that comes with Axis. It constructs a SOAP message that calls a web service with two parameters and a single scalar result, shows how to print request and response to standard out, and also can set HTTP and SOAP headers. To deploy the service it accesses, copy the file samples/userguide/example2/Calculator.java to the axis web app directory and rename it to Calculator.jws.

    To run the client, the Axis libraries need to be in the classpath. The command line invocation would be "java SAAJClient 5 7" (which results in the numbers 5 and 7 being added).




     
    How do I handle WS-Security UsernameTokens with WSS4J?

    The following code is a complete CallbackHandler implementation for handling authentication using WSS4J. It handles basic and digest authentication, but not client certificates. Its drawback is that it needs to know the username and password, and doesn't handle roles. A better solution is described in the JavaRanch Journal article mentioned above.




    WebServicesFaq CategoryFaq CategoryHowTo CategoryCodeSamples CodeBarn
     
      Bookmark Topic Watch Topic
    • New Topic