Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

AXIS security - Get identifier/username token to the code.

 
Akhilesh Trivedi
Ranch Hand
Posts: 1608
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I implemented security in my web service as per the description in the link below.

http://ws.apache.org/wss4j/axis.html

How can I get the identifier or user name (token & password in the webservice) to the implementation code of the service.

I want to be able to get the username in <mydelegate>SoapBindingImpl.java file. Is it possible?
 
Akhilesh Trivedi
Ranch Hand
Posts: 1608
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The handle method looks like this



The return type is void... so I cant return anything from here.! !!
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This sounds a bit odd - the usual way to use WS-Security with Axis2 would be the Rampart module. Is there a specific reason you didn't go that route?
 
Akhilesh Trivedi
Ranch Hand
Posts: 1608
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I may be replying you too early but I see that model is for Axis2 and I am on Axis 1.4 will that still work for me?
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't think something like Rampart was ever available for Axis 1. Any particular reason for using such a long-obsolete framework?
 
Akhilesh Trivedi
Ranch Hand
Posts: 1608
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I got it working for axis 1.4. Import following


and in the code.



This gives us the context. I set the username in handler by saying context.setProperty() and get it back in code using "context.getProperty()"
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I strongly suspect that that username and password are for HTTP Basic Authentication - something very different, and rather less secure, than WS-Security. Since Basic Auth sends password pretty much in cleartext, you must use HTTPS along with it.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic