Skip to main content
Omnitracs Knowledge Base

Add Web Service Security Support

To implement Web Service Security a SOAP header must be inserted into the web service request. The following example code can be viewed in the QTWebSvcsSoapBindingStub.java class which was originally generated using Apache Axis.  The SOAP Header code will be inserted manually.

Credentials

Before we insert the code that will create the SOAP header, we need a way to for the integrator to set the username and password. Add two class level variables to the SoapBindingStub java class and create the corresponding getter and setter methods. The way we implement the username and password may be accomplished in many different ways. This is just one suggestion.

private String username;

private String password;

/**

 * @return Returns the password.

 */

public String getPassword() {

   return password;

}

/**

 * @param password The password to set.

 */

public void setPassword(String password) {

   this.password = password;

}

/**

 * @return Returns the username.

 */

public String getUsername() {

   return username;

}

/**

 * @param username The username to set.

 */

public void setUsername(String username) {

   this.username = username;

}

SOAP Header

To create the SOAP header you must insert the following code into the SoapBindingStub java class that was created. Insert the following import statements:

import javax.xml.soap.SOAPMessage;

import javax.xml.soap.SOAPPart;

import javax.xml.soap.SOAPHeader;

import javax.xml.soap.SOAPFactory;

import javax.xml.soap.Name;

 

import org.apache.axis.message.SOAPEnvelope;

import org.apache.axis.message.SOAPHeaderElement;

import org.apache.axis.soap.MessageFactoryImpl;

Insert the following code after the super._createCall() line of code in the createCall() method:

try

{

    //Create a SOAP Message Object

    MessageFactoryImpl messageFactory = new MessageFactoryImpl();

    SOAPMessage msg = messageFactory.createMessage();

    SOAPPart soapPart = msg.getSOAPPart();

    SOAPEnvelope envelope = ((org.apache.axis.SOAPPart)soapPart).getAsSOAPEnvelope();

    SOAPHeader header = (org.apache.axis.message.SOAPHeader) envelope.getHeader();

                

    // create SOAP Factory

    SOAPFactory soapFactory = SOAPFactory.newInstance();

 

    // create SOAP header elements

    Name headerName = soapFactory.createName("Security""wsse""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");

    SOAPHeaderElement headerElement = (org.apache.axis.message.SOAPHeaderElement)header.addHeaderElement(headerName);

    headerElement.addAttribute(soapFactory.createName("mustUnderstand"), "1");

 

    javax.xml.soap.SOAPElement unt = headerElement.addChildElement("UsernameToken""wsse");

    unt.addChildElement("Username""wsse").addTextNode(getUsername());

    unt.addChildElement("Password""wsse").addTextNode(getPassword());

 

    _call.addHeader(headerElement);

 

 }

 catch (Exception e)

 {

    System.out.println(e);

 }

XML Output

This will create a SOAP header in the following format (notice that you used the username and password getter methods to retrieve the username and password):

- <soapenv:Header>

     - <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" mustUnderstand="1"

          soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next" soapenv:mustUnderstand="0">

          - <wsse:UsernameToken>

                 <wsse:Username>USER@COMPANY</wsse:Username>

                 <wsse:Password>password</wsse:Password>

            </wsse:UsernameToken>

       </wsse:Security>

  </soapenv:Header>

(plus) Add SSL for Non-certified SSL Keys

  • Was this article helpful?