users@jax-rpc.java.net

Re: The client handler strips the SOAP-headers (WS Sec. Signature) off

From: Marcus Heinonen <marhei_at_foi.se>
Date: Wed, 16 Aug 2000 01:03:20 +0200

Bobby Bissett - Javasoft wrote:

> Marcus Heinonen wrote:
>
>>
>> I'm using WS Security signature to the the JAX-RPC call. But I would
>> like to change some things in the SOAP-message using a handler on the
>> client side. But the handler strips off all SOAP-headers when processing
>> the request from the client. Can I keep these headers in some way?
>
>
> Using the xws-security handler, there is no way currently to change
> that, though there may be in a future release. If you want to change
> the message in some way (for instance, the request before it leaves
> the client), you can add your own handler to the client that extends
> javax.xml.rpc.handler.GenericHandler and implement the handleRequest()
> so that it makes your changes and leaves as much or as little of the
> message intact as you'd like.
>
> Cheers,
> Bobby Bissett
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jax-rpc.dev.java.net
> For additional commands, e-mail: users-help_at_jax-rpc.dev.java.net
>
When I add a handler (extending GenericHandler) and add it to the
handler chain on the client side I can't see (inside the handler code)
the tags which WS security signing should have created. And the
signature element (wsse:Security) aren't added after the handler
processed the request because they doesn't show up on the server side
either. If a use the signing helper on the client side without a handler
the signature i attached and seen on the server side. So using a handler
together with the WS Signature helper seems to not work. Is it really
possibly to use WS Security Signature handler together with a custom
handler written by oneself.

I'm adding these two lines for signing the JAX-RPC call

         // Create a CertificateClientHelper for a client-side stub/proxy
         CertificateClientHelper cch =
CertificateClientHelper.createFor(proxy);

         // Sign the request and then dump the message for debugging
         cch.addSignRequest().addDumpRequest();

Inside the handler in method handleRequest I just dump the SOAP message.
When doing this I only see the SOAP-body.

         // Write entire soap message to System.out
         OutputStream objOutputStream = System.out;
         message.writeTo(objOutputStream);

Regards,

Marcus Heinonen



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_jax-rpc.dev.java.net
For additional commands, e-mail: users-help_at_jax-rpc.dev.java.net