• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how to implement ws-security in soap request header

 
Ramesh Desai
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi ,

i am new to web services.

i have to implement soap request using SAAJ API.

i am facing problem in creating soap header. i am not knowing how to implement ws-security for header part.
below is my soap header part .
please help me sort out this.

<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-11707096" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>USERID</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>


Thanks,
Ramesh
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
WS-Security is generally configured using config files that are external to the code, but the specifics are particular to the SOAP stack being used; which one are you using?

(If it's Axis1 or Axis2, then you might find a couple articles I wrote on the subject helpful: http://www.javaranch.com/journal/200709/Journal200709.jsp#a3 and http://www.javaranch.com/journal/200603/Journal200603.jsp#a2).
 
Dan Drillich
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When looking at the schema -



I see xsd:any after the Username. So I guess wsse:Password is allowed after the Username.

Regards,
Dan
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic