Ulf Dittmer wrote:While you can do it programmatically, WS-Security is generally configured outside of the code in config files (WSDD files in the case of Axis2). You'll need the Axis2 Rampart module for this.
I've written a couple of articles about this that you may find useful: Web Services Authentication with Axis 2 and Web Services Security - Encryption
Thanks for the link.
One of the lines from your article reads as "WS-Security can perform 4 different actions: Timestamping, Authentication, Encryption and Signature".
I am requird to a binarysecuritytoken to the Soap Header. Is that possible using Rampart ? I believe PWHandlerClient will have logic to add create and add the binarysecuritytoken and conf/axis2.xml should have some action elements corresponding to addition of binarysecuritytoken ?
Sample Header:
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:date="http://exslt.org/dates-and-times">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIC/.........</wsse:BinarySecurityToken>
</wsse:Security>
</SOAP-ENV:Header>