To access a secured web service is explained below in 3 steps
Step 1:
Create skelton using wsdl2java command, configure the bean in spring XML as below
XML
<jaxws:client id="wsCall"
serviceClass="x.x.x..WSCall"
address="url?wsdl" />
Step:2
Create a test program to invoke WS as explained below.
WebServiceTest
package x.x.x.x;
import java.util.HashMap;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import x.x.x.x.WSCall;
import x.x.x.x.WSResponse;
public class WebServiceTest {
protected static final String CHAR_ENCODING = "UTF-8";
/**
* @param args
*/
public static void main(String[] args) {
try {
ApplicationContext context = new ClassPathXmlApplicationContext(new String[] {"path.xml"});
WSCall wsCall= (WSCall) context.getBean("wsCall");
HashMap outProps = new HashMap();
Client client = org.apache.cxf.frontend.ClientProxy.getClient(wsCall);//servPort);
Endpoint cxfEndpoint = client.getEndpoint();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, "user");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
outProps.put(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.NONCE_LN + "" + WSConstants.CREATED_LN);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
WSResponse wsResponse = wsCall.invoke(params...);
} catch (Exception e) {
e.printStackTrace();
}
}
}
Step:3
Create a password generation class
ClientPasswordCallback
package x.x.x.x;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class ClientPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
// set the password for our message.
pc.setPassword("password");
}
}
Run the WebServiceTest program to invoke secure Webservice.
Step 1:
Create skelton using wsdl2java command, configure the bean in spring XML as below
XML
<jaxws:client id="wsCall"
serviceClass="x.x.x..WSCall"
address="url?wsdl" />
Step:2
Create a test program to invoke WS as explained below.
WebServiceTest
package x.x.x.x;
import java.util.HashMap;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import x.x.x.x.WSCall;
import x.x.x.x.WSResponse;
public class WebServiceTest {
protected static final String CHAR_ENCODING = "UTF-8";
/**
* @param args
*/
public static void main(String[] args) {
try {
ApplicationContext context = new ClassPathXmlApplicationContext(new String[] {"path.xml"});
WSCall wsCall= (WSCall) context.getBean("wsCall");
HashMap outProps = new HashMap();
Client client = org.apache.cxf.frontend.ClientProxy.getClient(wsCall);//servPort);
Endpoint cxfEndpoint = client.getEndpoint();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, "user");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
outProps.put(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.NONCE_LN + "" + WSConstants.CREATED_LN);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
WSResponse wsResponse = wsCall.invoke(params...);
} catch (Exception e) {
e.printStackTrace();
}
}
}
Step:3
Create a password generation class
ClientPasswordCallback
package x.x.x.x;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class ClientPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
// set the password for our message.
pc.setPassword("password");
}
}
Run the WebServiceTest program to invoke secure Webservice.
