DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

How does AI transform chaos engineering from an experiment into a critical capability? Learn how to effectively operationalize the chaos.

Data quality isn't just a technical issue: It impacts an organization's compliance, operational efficiency, and customer satisfaction.

Are you a front-end or full-stack developer frustrated by front-end distractions? Learn to move forward with tooling and clear boundaries.

Developer Experience: Demand to support engineering teams has risen, and there is a shift from traditional DevOps to workflow improvements.

Related

  • Consuming SOAP Service With Apache CXF and Spring
  • Spring Boot - How To Use Native SQL Queries | Restful Web Services
  • RESTful Web Services: How To Create a Context Path for Spring Boot Application or Web Service
  • How To Validate HTTP Post Request Body - Restful Web Services With Spring Framework | Spring Boot

Trending

  • Software Specs 2.0: An Elaborate Example
  • Designing Scalable Multi-Agent AI Systems: Leveraging Domain-Driven Design and Event Storming
  • Mastering Fluent Bit: Controlling Logs With Fluent Bit on Kubernetes (Part 4)
  • Altering XML Tag Position Using Mule 4 With Basic Authentication
  1. DZone
  2. Coding
  3. Languages
  4. JAX-WS Header: Part 1 the Client Side

JAX-WS Header: Part 1 the Client Side

Manipulating JAXWS header on the client Side like adding WSS username token or logging saop message.

By 
Slim Ouertani user avatar
Slim Ouertani
·
Jun. 25, 12 · Tutorial
Likes (0)
Comment
Save
Tweet
Share
89.4K Views

Join the DZone community and get the full member experience.

Join For Free

Purpose

Manipulating JAXWS header on the client Side like adding WSS username token or logging saop message.

Introduction

On Telecom IT environment and specially middelware solution, we will rarely do all the work but rather delegate some of business process to other tiers. Web service communications is heavy used between solutions. This tutorial aims to introduce using handler on client side by adding WSS UserToken or logging the soap message on console.

Adding undeclared custom header

Some Ws client needs to add a custom header which are not declared on WSDL. Adding WSS Username Token is like adding this XML snippet on header element:

<soapenv:Header>
      <wsse:Security  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsse:UsernameToken wsu:Id="UsernameToken-1">
            <wsse:Username>login</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXX</wsse:Password>        
         </wsse:UsernameToken>
      </wsse:Security>
 </soapenv:Header>

Unlike LogicalHandler SOAPHandler have access to the entire Soap Message. Let's create an WSSUsernameTokenSecurityHandler Local Stateless Bean extending SOAPHandler to produce the previous header.
Below the WSSUsernameTokenSecurityHandler class

package me.slim.ouertani;

import java.util.Set;
import java.util.TreeSet;
import javax.annotation.Resource;
import javax.ejb.LocalBean;
import javax.ejb.Stateless;
import javax.xml.namespace.QName;
import javax.xml.soap.*;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;

@Stateless
@LocalBean
public class WSSUsernameTokenSecurityHandler implements SOAPHandler<SOAPMessageContext> {

    @Resource(lookup = "login")
    private String login;
    @Resource(lookup = "pwd")
    private String pwd;

    public WSSUsernameTokenSecurityHandler() {
    }

    @Override
    public boolean handleMessage(SOAPMessageContext context) {

        Boolean outboundProperty =
                (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
        if (outboundProperty.booleanValue()) {

            try {
                SOAPEnvelope envelope = context.getMessage().getSOAPPart().getEnvelope();
                SOAPFactory factory = SOAPFactory.newInstance();
                String prefix = "wsse";
                String uri = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
                SOAPElement securityElem =
                        factory.createElement("Security", prefix, uri);
                SOAPElement tokenElem =
                        factory.createElement("UsernameToken", prefix, uri);
                tokenElem.addAttribute(QName.valueOf("wsu:Id"), "UsernameToken-2");
                tokenElem.addAttribute(QName.valueOf("xmlns:wsu"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
                SOAPElement userElem =
                        factory.createElement("Username", prefix, uri);
                userElem.addTextNode(login);
                SOAPElement pwdElem =
                        factory.createElement("Password", prefix, uri);
                pwdElem.addTextNode(pwd);
                pwdElem.addAttribute(QName.valueOf("Type"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
                tokenElem.addChildElement(userElem);
                tokenElem.addChildElement(pwdElem);
                securityElem.addChildElement(tokenElem);
                SOAPHeader header = envelope.addHeader();
                header.addChildElement(securityElem);

            } catch (Exception e) {
                e.printStackTrace();
            }
        } else {
            // inbound
        }
        return true;
    }

    @Override
    public Set<QName> getHeaders() {
        return new TreeSet();
    }

    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return false;
    }

    @Override
    public void close(MessageContext context) {
        //
    }
}

Next, declare the StatelessBean and inject both Webservice via @WebServiceRef and WSSUsernameTokenSecurityHandler via @EJB. A callback init method will add a HandlerResolver to the service. Below the full implementation

@Stateless
@LocalBean
public class WebServiceClientBean {

    @WebServiceRef()
    private WsService service;
    @EJB
    private WSSUsernameTokenSecurityHandler wSSUsernameTokenSecurityHandler;

    @PostConstruct
    private void init() {
        service.setHandlerResolver( new HandlerResolver() {

            @Override
            public List<Handler> getHandlerChain(PortInfo portInfo) {
                List<Handler> handlerList = new ArrayList<Handler>();
                handlerList.add(wSSUsernameTokenSecurityHandler);
                return handlerList;
            }
        });
    }

  public WsResponse getService(WsRequest wsRequest) {      
        WsPort port = service.getPort();
        return port.invoqueService(wsRequest);
    }

}

Logging SOAP messages

Logging exchange xml message can be also using handlers, below the scala snippet handler used to log both in and out messages:


class RequestResponsePrinter  extends SOAPHandler[SOAPMessageContext] with LogHelper {

override def getHeaders(): Set[QName] = {
    return new TreeSet();
  }

  override def handleMessage(context: SOAPMessageContext): Boolean = {
    val sb = new ToStringBuilder(this).append("Call operation", "handleMessage");

    L.debug(sb);
    val outboundProperty = context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY).asInstanceOf[Boolean]


      try {
            val msg = context.getMessage()
            val out = new ByteArrayOutputStream();
            msg.writeTo(out);
            val strMsg = new String(out.toByteArray());
            L.debug("outbound  : "+outboundProperty.booleanValue()+" [" + strMsg + "]");

      } catch {
        case e: Exception =>
          L.error(sb.append("EXCEPTION", e.getMessage()), e);
      }

    return true;
  }

  override def handleFault(context: SOAPMessageContext): Boolean = {
    return false;
  }

  override def close(context: MessageContext) {
    //
  }
}
  • scala version of Handler resolver
new HandlerResolver() {

      override def getHandlerChain(portInfo: PortInfo): java.util.List[javax.xml.ws.handler.Handler[_ <: javax.xml.ws.handler.MessageContext]] = {
        import scala.collection.mutable.ArrayBuffer
        val handlerList = ArrayBuffer[Handler[_ <: javax.xml.ws.handler.MessageContext]]()       
        handlerList += new RequestResponsePrinter()
        return handlerList

      }
    };

Conclusion

We have heavily used handler on client side. On the server side things can change a bit, to be continued ...

Web Service Business process Snippet (programming) Scala (programming language) Console (video game CLI) IT SOAP Implementation XML Web Protocols Spring Framework

Opinions expressed by DZone contributors are their own.

Related

  • Consuming SOAP Service With Apache CXF and Spring
  • Spring Boot - How To Use Native SQL Queries | Restful Web Services
  • RESTful Web Services: How To Create a Context Path for Spring Boot Application or Web Service
  • How To Validate HTTP Post Request Body - Restful Web Services With Spring Framework | Spring Boot

Partner Resources

×

Comments

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • [email protected]

Let's be friends: