I searched for various things, but there was only a hint on the specific implementation method on StackOverFlow (and English ...), so I made a note for reminders.
StackOverFlow will be exhibited below StackOverFlow:https://stackoverflow.com/questions/7910776/adding-user-password-to-soapheader-for-webservice-client-call-with-axis2 Author: https://stackoverflow.com/users/957076/shiv-gopal (This person seems to have solved it by himself (I resolve the issue myself) ...
Almost as this person's answer, but if you do it as it is, an error will occur, so I am making additional corrections as described in the comment part below.
OMFactory omFactory = OMAbstractFactory.getOMFactory();
OMElement omSecurityElement = omFactory.createOMElement(new QName( "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse"), null);
OMElement omusertoken = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "UsernameToken", "wsu"), null);
//WS as the first argument of the argument QName of createOMElement-Specify Security URI
OMElement omuserName = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Username", "wsse"), null);
omuserName.setText("myusername");
//WS as the first argument of the argument QName of createOMElement-Specify Security URI
OMElement omPassword = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Password", "wsse"), null);
omPassword.addAttribute("Type","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText",null );
omPassword.setText("mypassword");
omusertoken.addChild(omuserName);
omusertoken.addChild(omPassword);
omSecurityElement.addChild(omusertoken);
stub._getServiceClient().addHeader(omSecurityElement);
As an additional correction point, in the answer of StackOverFlow, an empty string is specified as the first argument when creating a QName object, but if this is the case, "java.lang.IllegalArgumentException: Cannot create a prefixed element with an empty namespace" will appear at runtime. appear. Therefore, the URI of WS-Security is explicitly specified. So I think it's probably a mistake in this answer, but ... I wonder if there is any way to do it.
Also, set your own user and password in omuserName.setText ("myusername"); and omPassword.setText ("mypassword") ;.
Regarding the "specifications" and "concepts" of WS-Security, if you search for it, you will find it fairly, but you can not find a concrete implementation method so much, and even if you find it, it seems that the version of aixs is different, so you can feel free to do setHeader. I was in trouble because I didn't have it. aixs2 Stub is a Service Client Everything is protected except for retrieval, and almost nothing can be done from the outside, <A HREF="http://axis.apache.org/axis/java/apiDocs/org/apache/axis/client/Stub. It seems that the degree of freedom is very limited compared to html "target =" _ blank "> axis1 Stub . Like this time, I had a hard time setting the header.
Recommended Posts