Add Web Service Security Support
- Last updated
-
-
Save as PDF
To implement Web Service Security a SOAP header must be inserted into the web service request. The following example code can be viewed in the QTWebSvcsSoapBindingStub.java class which was originally generated using Apache Axis. The SOAP Header code will be inserted manually.
Credentials
Before we insert the code that will create the SOAP header, we need a way to for the integrator to set the username and password. Add two class level variables to the SoapBindingStub java class and create the corresponding getter and setter methods. The way we implement the username and password may be accomplished in many different ways. This is just one suggestion.
private String username;
private String password;
/**
* @return Returns the password.
*/
public String getPassword() {
return password;
}
/**
* @param password The password to set.
*/
public void setPassword(String password) {
this .password = password;
}
/**
* @return Returns the username.
*/
public String getUsername() {
return username;
}
/**
* @param username The username to set.
*/
public void setUsername(String username) {
this .username = username;
}
|
To create the SOAP header you must insert the following code into the SoapBindingStub java class that was created. Insert the following import statements:
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPFactory;
import javax.xml.soap.Name;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.axis.message.SOAPHeaderElement;
import org.apache.axis.soap.MessageFactoryImpl;
|
Insert the following code after the super._createCall() line of code in the createCall() method:
try
{
//Create a SOAP Message Object
MessageFactoryImpl messageFactory = new MessageFactoryImpl();
SOAPMessage msg = messageFactory.createMessage();
SOAPPart soapPart = msg.getSOAPPart();
SOAPEnvelope envelope = ((org.apache.axis.SOAPPart)soapPart).getAsSOAPEnvelope();
SOAPHeader header = (org.apache.axis.message.SOAPHeader) envelope.getHeader();
// create SOAP Factory
SOAPFactory soapFactory = SOAPFactory.newInstance();
// create SOAP header elements
Name headerName = soapFactory.createName( "Security" , "wsse" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" );
SOAPHeaderElement headerElement = (org.apache.axis.message.SOAPHeaderElement)header.addHeaderElement(headerName);
headerElement.addAttribute(soapFactory.createName( "mustUnderstand" ), "1" );
javax.xml.soap.SOAPElement unt = headerElement.addChildElement( "UsernameToken" , "wsse" );
unt.addChildElement( "Username" , "wsse" ).addTextNode(getUsername());
unt.addChildElement( "Password" , "wsse" ).addTextNode(getPassword());
_call.addHeader(headerElement);
}
catch (Exception e)
{
System.out.println(e);
}
|
XML Output
This will create a SOAP header in the following format (notice that you used the username and password getter methods to retrieve the username and password):
Add SSL for Non-certified SSL Keys