Security Headers Sample Code
The following code sample illustrates concepts described in SOAP Message Security Header of the Getting Started section.
The following code sample illustrates concepts described in SOAP Message Security Header of the Getting Started section.
It is important to know that the TeamConnect user name and password need to be stored as String variables. Also note that in the resulting SOAP request message, the password will be transferred in cleartext format (unencrypted).
package com.mitratech.teamconnect; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.cxf.endpoint.Client; import org.apache.cxf.endpoint.Endpoint; import org.apache.cxf.frontend.ClientProxy; import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.handler.WSHandlerConstants; public class WSSecurityHeadersHelper { private final static String USER = "system"; private final static String PASSWORD = "s"; public static void applySecurityHeaders(final Object sei) { Client cxfClient = ClientProxy.getClient(sei); Endpoint cxfEndpoint = cxfClient.getEndpoint(); Map<String, Object> outProps = new HashMap<String, Object>(); outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, USER); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName()); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); cxfEndpoint.getOutInterceptors().add(wssOut); } public static class ClientPasswordCallback implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; pc.setPassword(PASSWORD); } } }