Integrating Spring WS with Axis (Security)
Hi cool Spring WS crowd!
We are stuck to use Axis for some of our old web service client implementation. Hence the question ( Spring question, I promise )
The request that has to be sent, needs to be injected with WSSE header - usual deal, right? However in Axis, the way it is done, there is a "wsdd" file that specifies a WsDoAllHandler with two things "injected in" (not Spring):
1. WsPasswordCallbackHandler (custom)
WsPasswordCallbackHandler returns a password according to the username.
This "wsdd" file is injected in Axis generated (from "wsdl") ServiceLocator stub, and this way it wraps the request with WSSE header by calling "WsDoAllHandler" behind the scenes.
This works, BUT we would like to use much simpler approach ( to store username/password pairs in ONE place ) - we would like to use a Spring's Wss4jSecurityInterceptor:
We still need to keep Axis (1.4) on - client's will. So we cannot just switch to Spring.
<bean id="wss4jInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="securementActions" value="UsernameToken"/>
<property name="securementUsername" value="vipUser"/>
<property name="securementPassword" value="t0p5ecret"/>
<property name="securementPasswordType" value="PasswordText"/>
<property name="securementUsernameTokenElements" value="Nonce Created"/>
How would we be able to use "Wss4jSecurityInterceptor" (or something as simple) with Axis auto-generated stubs to wrap our top secret requests with WSSE header?
Thank you VERY much,
Last edited by litius; Apr 16th, 2008 at 04:27 PM.
Humans are stateful and mutable beings that have no problems processing many things concurrently and share state with others + they are usually "coupled"