Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

HCL Notes/Domino 8.5 Forum (includes Notes Traveler)

HCL Notes/Domino 8.5 Forum (includes Notes Traveler)
Previous Next

setHeader in Web Service Consumer (Java)

Hi Dennis,

You may well have solve this already. None the less I have managed to achieve this by manually building WSSE security tag and adding it to the SOAP header. I did this by:

1. Adding a method 'getSOAPHeaderSecurity' to the java file that contains the SOAP operation calls for the webservice (generated from the wsdl)

2. modifying each SOAP operation call to add the security info to the header using the method above. eg _call.addSOAPHeader(getSOAPHeaderSecurity())
;
3. I used the method 'setCredentials(userName, password)' in the webservice object (stub) to pass the credientials to the getSOAPHeaderSecurity method mentioned above(so i didn't have to hardcode this).

Here's the code for the method I added:

private SOAPHeaderElement getSOAPHeaderSecurity(){
try{
//Example of what we are adding to the header
//<soapenv:Header>
// <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
// <wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
// <wsse:Username>SOMEUSERNAME</wsse:Username>
// <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
// <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MECGjqTmLEfyl/ZYkNe9Eg==</wsse:Nonce>
// <wsu:Created>2010-10-01T07:20:28.769Z</wsu:Created>
// </wsse:UsernameToken>
// </wsse:Security>
//</soapenv:Header>

final PrefixedQName qname = new PrefixedQName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse");
final SOAPHeaderElement security = new SOAPHeaderElement(qname);
security.setMustUnderstand(true);

final SOAPElement usernameToken = security.addChildElement("UsernameToken", "wsse");
usernameToken.setAttribute("wsu:Id","UsernameToken-1");
usernameToken.addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");

//Create the username node and get the value from the stub which we set before we called the web service
final SOAPElement username = usernameToken.addChildElement("Username", "wsse");
username.addTextNode(this.getUsername());

//Create the password node and get the value from the stub which we set before we called the web service
final SOAPElement password = usernameToken.addChildElement("Password", "wsse");
password.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
password.addTextNode(this.getPassword());

return security;

}catch (final Exception e){
e.printStackTrace();
}
return null;

}

Here's an example of the modified call using the above method to add the athentication header:

public com.XXX.WebServices.ssl.Data._2010._10.ApprovalDelegationResponse getApprovalDelegationStatus(com.XXX.schemas.WebServices.ssl.Data._2010._10.ApprovalDelegationRequest request) throws java.rmi.RemoteException {
lotus.domino.websvc.client.Call _call = createCall("getApprovalDelegationStatus");
_call.addHeader(getSOAPHeaderSecurity()); // <<=== JUST ADD THIS LINE TO ANY WEBSERVICE OPERATION CALL TO INSERT WSSE SECURITY INFOR MATION
java.lang.Object _resp = _call.invoke(new java.lang.Object[] {request});
return (com.XXX.schemas.WebServices.ssl.Data._2010._10.ApprovalDelegationResponse) _call.convert(_resp, com.XXX.schemas.WebServices.ssl.Data._2010._10.ApprovalDelegationResponse.class);
}


In the agent calling the webservice I passe the credentials from configuration documents as follows:

UserService_Port stub = new UserService_ServiceLocator().getBasicHttpBinding_UserService(new java.net.URL(tmpdoc.getItemValueString("Value")));
username = vwConfig.getDocumentByKey("SERVICE_USERNAME", true).getItemValueString("Value");
password = vwConfig.getDocumentByKey("SERVICE_PASSWORD", true).getItemValueString("Value");
stub.setCredentials(username, password); //<< THESE PROPERTIES ARE READ WHEN CREATING THE SECURITY NODE IN THE SOAP HEADER.

....Make your service call

This all works for basic authentication.

The journey to get that sorted out was a long one. I have another complication at the moment with trying to consume a web service through a proxy server which requires authentication - what a headache. IBM has to do much better with its documentaion on such matters! I will post anothor question on that and hope that some else has solved that issue.


Hope this helps you out.

Regards

Sean


Feedback response number WEBB8EB6WM created by ~Judy Fezwebergikle on 02/22/2011

setHeader in Web Service Consumer (... (~Olga Cisremara... 7.Oct.10)
. . setHeader in Web Service Consumer (... (~Judy Fezweberg... 22.Feb.11)




Printer-friendly

Search this forum

Member Tools


RSS Feeds

 RSS feedsRSS
All forum posts RSS
All main topics RSS