Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Generate Security Header for Axis 2 with xmlbeans

 
Gunther Mauerkirchner
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hallo Guys!

I'm new here and just starting with a question.

I'm trying to generate a Security header for Axis. And i get stuck. I can generate all the XML Objects needed: Username Password and Created Timestamp but I'm not able to put it together.



If i try this:


... to put it together I get
org.apache.xmlbeans.impl.store.DomImpl$NotSupportedError: Document nodes may not be imported
at org.apache.xmlbeans.impl.store.DomImpl.document_importNode(DomImpl.java:1038)
at org.apache.xmlbeans.impl.store.DomImpl._document_importNode(DomImpl.java:1020)
at org.apache.xmlbeans.impl.store.Xobj$DocumentXobj.importNode(Xobj.java:2634)
at ch.zh.ksta.c3.dao.PersonArrayDAO.<init>(PersonArrayDAO.java:81)
at ch.zh.ksta.c3.action.Main.searchnp(Main.java:75)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:441)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:280)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:243)
at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:165)


Any Ideas how i get a working security header??
 
R Srini
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi. I don't know how to programmatically add a security header, but if you can use Apache Rampart, then these links may be useful:

1. http://www.javaranch.com/journal/200709/web-services-authentication-axis2.html
2. http://www.ibm.com/developerworks/java/library/j-jws4/index.html
3. http://www.ibm.com/developerworks/webservices/tutorials/ws-understand-web-services4/
4. http://www.ibm.com/developerworks/java/library/j-jws5/
5. http://wso2.org/library/3190

Its quite a bit of reading, but has lots of good information.

You may also find this thread useful.
 
Gunther Mauerkirchner
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you for your reply. Is there really no possibility except setting the Header with rampart?
 
R Srini
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Gunther. Of course I am sure it is possible. Unfortunately I don't know how to do this manually, but I am sure someone out there knows. Maybe this will help with some more information.

In case you already have the header constructed (I couldn't tell by looking at your code), you can look here on how to add a header to the SOAP envelope. Maybe this is what you were looking for?

But I think it must be complicated enough to handle all aspects of the WS-Security specification that a separate product (Rampart) exists. And with it, the whole security handling becomes a matter of complicated configuration, rather than complicated programming
 
Gunther Mauerkirchner
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
R Srini wrote:And with it, the whole security handling becomes a matter of complicated configuration, rather than complicated programming


Wohooo sounds like having a lot of fun. I will give it a try. Thank you!
 
Gunther Mauerkirchner
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Damn! I figured out that we are Using Axis only for generating the Beans, so i have no chance to use Rampart. Any more Ideas?
 
R Srini
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
LOL. Ok. So back to the problem. A few questions:

1. Can you briefly mention the overall context of what you are doing and the software being used?
2. Looks like you are developing a client that consumes a security-enabled web service. Is that correct?
3. Also, what other software are you using, dev environment, etc.
4. Have you looked at this thread that I mentioned earlier? Maybe it will help.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic