Over a million developers have joined DZone.

CXF SOAP Header Basic Authentication Interceptors Java Without Spring

DZone's Guide to

CXF SOAP Header Basic Authentication Interceptors Java Without Spring

Here's a great guide to authentication interceptors in Java without using Spring!

· Java Zone
Free Resource

Learn how to stop testing everything every sprint and only test the code you’ve changed. Brought to you by Parasoft.

If you have used the tool:


to create your SOAP CXF stubs.

Create a Basic Authentication Interceptor as follows:

package com.bos.services.cxf.interceptors;

import org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.security.SecurityConstants;

public abstract class CxfBasicAuthInterceptor extends AbstractOutDatabindingInterceptor {

public CxfBasicAuthInterceptor() {

public void handleMessage(Message outMessage) throws Fault {
outMessage.setContextualProperty(SecurityConstants.USERNAME, getUsername());
outMessage.setContextualProperty(SecurityConstants.PASSWORD, getPassword());

public abstract String getUsername();

public abstract String getPassword();

To use the Basic Authetication Interceptor:

QName serviceName = new QName("http://bos.asoap.service.com/v1.0/ServiceApi", "BosWS");

BosWS ss = new BosWS(wsdlURL, serviceName);
IBosWS service = ss.getBasicHttpBindingIBosWS();
Client client = ClientProxy.getClient(service);

client.getOutInterceptors().add(new CxfBasicAuthInterceptor() {
public String getUsername() {
return configService.getWSUserName();

public String getPassword() {
return configService.getWSPassword();

Get the top tips for Java developers and best practices to overcome common challenges. Brought to you by Parasoft.

cxf ,java 1.7 ,soap header ,basic authentication

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}