Search code examples
javaspringweb-servicesjaxbspring-ws

JAXB Header security with Spring-WS

im try to develop a webservices with JAXB and SpringWS. but i have a question. Where i put my wss Security and how i create a Header?

this is my actual code:

CONTEXT SPRING CLIENT

    @Configuration
public class MonsterWSClientContext {

    private static final String URL = "AAA";
    private static final String TEST_URL = "TEST";
    private static final String WS_URL = TEST_URL + "/soap/WSOfferService";

    @Bean
    @Autowired
    public MonsterWSClient monsterClient(Jaxb2Marshaller marshaller) {
        MonsterWSClient client = new MonsterWSClient();
        client.setDefaultUri(WS_URL);
        client.setMarshaller(marshaller);
        client.setUnmarshaller(marshaller);
        return client;
    }


    @Bean
    public Jaxb2Marshaller marshaller() {
        Jaxb2Marshaller jaxb2Marshaller = new Jaxb2Marshaller();
        jaxb2Marshaller.setPackagesToScan(com.monster.schemas.monster.ObjectFactory.class.getPackage().getName(), 
                com.monster.schemas.monsterheader.ObjectFactory.class.getPackage().getName(), 
                com.monster.schemas.ObjectFactory.class.getPackage().getName(),
                com.monster.webservices.monsterportal.ObjectFactory.class.getPackage().getName());
        return jaxb2Marshaller;

    }

}

this is the client

public class MonsterWSClient extends WebServiceGatewaySupport {


    public JobsResponse updateJob(Job request) {

        return (JobsResponse) getWebServiceTemplate().marshalSendAndReceive(request,
                new SoapActionCallback(getDefaultUri() + "/createOffer"));
    }
}

and this is the main:

public class Test {
     public JobsResponse callMonster(String jobRefCode, String userName,
     InformazioniAnnuncio datiAnnuncio)
     {
         MonsterWSClient client = new MonsterWSClient();
         JobsResponse response = new JobsResponse();    
         return response = client.updateJob(createJob(jobRefCode, userName, datiAnnuncio));

     }
}
  • i have create the Job object.
  • but i dont understand where i put the header with my credential.

Thanks.

Solution

  • You'll have to use spring-ws-security. Use this link spring ws security .This page has all the security related settings and you'll need to set up Wss4jSecurityInterceptor with your username and password.

    Something like this 

        @Bean
    public Wss4jSecurityInterceptor securityInterceptor() {
    Wss4jSecurityInterceptor securityInterceptor = new   Wss4jSecurityInterceptor();
    securityInterceptor.setSecurementActions("UsernameToken");
    securityInterceptor.setSecurementUsername({username});
    securityInterceptor.setSecurementPassword({password});
    securityInterceptor.setSecurementPasswordType("PasswordText");
    securityInterceptor.setSecurementUsernameTokenElements("Created");
    return securityInterceptor;