Password Call Back Handler - This class is invoked by container when the webservice receives a secured request.
package crishantha.rampart;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class PWCBHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
System.out.println("handle->(Callback[]:"+ callbacks);
for (int i = 0; i < callbacks.length; i++) {
System.out.println("(Callback["+i+"]:"+ callbacks[i]);
//When the server side need to authenticate the user
WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
System.out.println("pwcb.getIdentifier()->"+pwcb.getIdentifier());
System.out.println("pwcb.getPassword()->"+pwcb.getPassword());
if(pwcb.getIdentifier().equals("apache") /*&& pwcb.getPassword().equals("password")*/) {
//If authentication successful, simply return
pwcb.setPassword("password"); // this value should be same as password supplied in SOAP Envelop.
//See the client program below for password
System.out.println("user authenticated->"+pwcb.getIdentifier());
return;
} else {
throw new UnsupportedCallbackException(callbacks[i], "check failed");
}
}
}
}
Client Program to call secured webservice
package ramp.client;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
public class Client {
public static void main(String[] args)throws Exception {
System.setProperty("javax.net.ssl.trustStore", "D:\\apache-tomcat-7.0.53\\bin\\sslkey\\sslkey.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("D:\\AXIS2_DUMP\\axis2-1.6.2\\repository", null);
System.out.println("0->"+ctx.getContextRoot());
TemperatureConversionServiceStub stub = new TemperatureConversionServiceStub(ctx, "https://localhost:8443/ram/services/TemperatureConversionService");
System.out.println("1->"+stub);
ServiceClient sc = stub._getServiceClient();
System.out.println("1.1->"+sc);
sc.engageModule("rampart");
System.out.println("1.2->"+sc);
Options options = sc.getOptions();
System.out.println("1.3->"+options);
options.setUserName("apache");
options.setPassword("password");
System.out.println("1.4->"+options.getPassword());
TemperatureConversionServiceStub.Celcius2Farenhit celc = new TemperatureConversionServiceStub.Celcius2Farenhit();
System.out.println("2->"+celc);
celc.setCelcius(10f);
System.out.println("3->"+celc);
TemperatureConversionServiceStub.Celcius2FarenhitResponse cfr = stub.celcius2Farenhit(celc);
System.out.println("4->"+cfr);
float f = cfr.get_return();
System.out.println("5. result->"+f);
}
}
SOAP Envelop sent by client program:
<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
soapenv:mustUnderstand="true">
<wsu:Timestamp wsu:Id="TS-1">
<wsu:Created>2014-05-18T12:13:15.063Z</wsu:Created>
<wsu:Expires>2014-05-18T12:18:15.063Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-2">
<wsse:Username>apache</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ns1:celcius2farenhit xmlns:ns1="http://www.polarisft.com/iph/ws/portalService/">
<ns1:celcius>10.0</ns1:celcius>
</ns1:celcius2farenhit>
</soapenv:Body>
</soapenv:Envelope>