WS-Security Header with JAX-WS RI

Computer: Software & Programmierung Java
#1

Hi, I hope I am in the correct forum and the question is not answered elswhere easily findable, because I googled a lot already. But it could also be that the heat of these days influenced my googling abilities.

I have a business server running in Apache 5.5 as WebApplication. Amongst other things it uses Spring 2.5.6. Now I need to access a SOAP Service with the JAX-WS RI 2.1.7. For this I used the wsimport Ant task to generate the Entities and stuff from the WSDL. Then I used the JaxWsPortProxyFactoryBean of Spring for getting a Proxy to invoke the Service. I have also added username and password to the proxy, but this just adds basic HTTP Authorization headers, not the WS-Security SOAP headers.

My problem now is, that I need to add WS-Security SOAP Headers for UsernameToken security. Unfortunately I did not really found much helpful information as to what library to use in this situation and how to do this most easily.

I hope someone here can help me with this.

#2

Noone? :frowning:

#3

I´m soory,
but that topic is not my „battlefield“.

I hope, that resources are helpful:
http://ws.apache.org/axis2/index.html
http://ws.apache.org/rampart/index.html
http://ws.apache.org/wss4j/

These resources concern with AXIS2 (a other WS-Implementation)…

#4

Thanks for your reply, but no, this doesn’t help me. As you said those ressources are about Axis2 and I’m using the JAX-WS RI. I know how to get it working with Axis1, but that is not the point, I need it working with JAX-WS RI.

#5

Thanks for your reply, but no, this doesn’t help me. As you
said those ressources are about Axis2 and I’m using the JAX-WS
RI. I know how to get it working with Axis1, but that is not
the point, I need it working with JAX-WS RI.

I see your point and I have an idea for you:

AXIS2 implements the JAX-WS 2.0 API and you have to replace only the Libs of JAX-WS RI with AXIS2 (tomcat_root/lib/*.jar). The next steps are implementing of little configurations for AXIS2 default behavior and integration (of AXIS2) into your application.

That approach should running in this case (I hope), if you use only the API of JAX-WS RI…
The benefit of this approach is the opportunity to using AXIS2 Tools like „Spring integration“, „WS Security Tools (e.g. Rampart)“ and many more…

#6

Again, I have to use JAX-WS RI, and not Axis2 or CXF which also implement the JAX-WS API. I have to get it working with the JAX-WS RI.