axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guy Rixon <...@ast.cam.ac.uk>
Subject Re: basic authentication
Date Fri, 26 Aug 2005 13:47:05 GMT
If you are able to change the WSDL contract, then you can indeed include the
username and password in the SOAP body. Just put them in a message part, like
any other parameter.

If you want to put username and password in the SOAP header, then you can use
the UsernameToken mode of WSS4J to be compatible with the WS-Security
standard; or you can invent your own header if you don't have to be standard
or interoperable. Using WSS4J is probably better.

On Fri, 26 Aug 2005, Plorks mail wrote:

> hi all
>
> i'm currntly getting username and password using basic authentication in my
> web service.
>
> we are using a product that doesn't support basic authentaication in the
> http header, so now i have to re-write my web service.  Can anyone suggest
> an alternative way to do this?
>
> Can i set the username and password in the SOAP Envelope/body?
>
> Thsi is the code i'm curently using
> String headerAuth =
> (String)msgContext.getProperty(HTTPConstants.HEADER_AUTHORIZATION);
>
> if (headerAuth != null)
> {
>    headerAuth = headerAuth.trim();
> }
>
> if (headerAuth != null && headerAuth.startsWith("Basic "))
> {
> int i;
>
> headerAuth = new String(Base64.decode(headerAuth.substring(6)));
>
> String [] userNamePassword = headerAuth.split(":");
>
> userName = userNamePassword[0];
> password = userNamePassword[1];
> }
>
> thanks for  any help
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>

Guy Rixon 				        gtr@ast.cam.ac.uk
Institute of Astronomy   	                Tel: +44-1223-337542
Madingley Road, Cambridge, UK, CB3 0HA		Fax: +44-1223-337523

Mime
View raw message