stackoom
  简体   繁体   中英

RAD - How to add username token for JAX-WS in websphere application server admin console

 原文  2019-03-05 10:55:12       java/ web-services/ security/ soap

Question

I have created a web service using JAX-WS and trying to add Simple UsernameToken security to the web service. The application is deployed on Websphere 8.5.

I found the following link which helps to add the usernameToken from RAD -> Services tab quite easily for JAX-RPC based web services but the same feature is not available for JAX-WS type web services.

RAD - How to add username token for JAX RPC in websphere application server admin console

Can anybody help to provide some similar kind of steps or another possible simple solution to achieve the same for JAX-WS web services? 

    <Soapenv:Header>
    <wsse:Security soapenv: mustUnderstand="1"
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd">
        <wsse:UsernameToken>
            <wsse:Username>user</wsse: Username>
            <wsse:Password
                Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wssusername-token-profile-1.0#PasswordText">paas</wsse: Password>
        </wsse:UsernameToken>
    </wsse:Security>
</soapenv:Header>

Thanks.

1 answers

solution1
 0  2019-04-10 08:37:06

Finally, I have managed to find a workaround for the problem above. Its as follows:

After googling a lot I came across a concept of Web-service Handler which can be invoked for every request and response that is either received or sent from the Webservice Provider respectively.

How to configure: 1. Create a Java File SecurityHandler and paste the following code in it: 

public class SecurityHandler implements SOAPHandler<SOAPMessageContext>
{
    @Override
    public boolean handleMessage(SOAPMessageContext context)
    {
        boolean outbound = (Boolean)context.get(SOAPMessageContext.MESSAGE_OUTBOUND_PROPERTY);
        if(outbound) {
            //logic to handle a response
        }

        if (!outbound) {
            //logic to handle a request
        }

        return true;
    }

    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return true;
    }

    @Override
    public void close(MessageContext context) {}

    @Override
    public Set<QName> getHeaders() {
        return Collections.emptySet();
    }

}

  1. Create an XML file with below code sample:

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <javaee:handler-chains xmlns:javaee="http://java.sun.com/xml/ns/javaee" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <javaee:handler-chain> <javaee:handler> <javaee:handler-class>your.package.path.SecurityHandler</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </javaee:handler-chains>

  2. To activate the handler on each request or response to the web service you exposed add the annotation in your web service class as follows: 

@HandlerChain(file="/your/package/path/handler-chain.xml") 
    public class my web services {
        //methods or web-services to be exposed.
    }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to add a custom Callback Handler for JAX-WS client service in WebSphere 7.0/RAD 7.5 JAX-WS in RAD with websphere7 javaAccessorNotSet error How to add CORS support on server side of JAX-WS in java Websphere JAX-WS web service client using RAD does not allow Java Project How to add http-headers to all outcome jax-ws client's requests on websphere(WAS)? How to add response header in JAX-WS How to add HTTP proxy to JAX-WS? WebSphere JAX-WS Response Handler fails JAX-WS empty response in WebSphere but not in Tomcat JAX-WS on Tomcat server
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM