All geek questions in one place

UsernameToken User Policy

I created a prototype web services client using the api available in weblogic 10.3. I was told that I need to use Metro 2.0 instead (it is already used for other projects). The problem I am facing is that the WSDL does not contain any security policy information, but a UsernameToken is required for every method call. In weblogic, I was able to write my own XML policy file and create an instance of my service (see below), however I cannot figure out how to do the same with Metro.

policy.xml

 <?xml version="1.0"?>  
     <wsp:Policy  
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"  
       xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">  
       <sp:SupportingTokens>  
         <wsp:Policy>  
           <sp:UsernameToken  
             sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">  
             <wsp:Policy>  
               <sp:WssUsernameToken10/>
               <sp:HashPassword/>
             </wsp:Policy>  
           </sp:UsernameToken>  
         </wsp:Policy>  
       </sp:SupportingTokens>  
     </wsp:Policy>

Client.java (Weblogic)

      ClientPolicyFeature cpf = new ClientPolicyFeature();
      InputStream asStream =  WebServiceSoapClient.class.getResourceAsStream("Policy.xml");  
      cpf.setEffectivePolicy(new InputStreamPolicySource(asStream)); 

      try
      {
         webService = new WebService(new URL("http://192.168.1.10/WebService/WebService.asmx?wsdl"), new QName("http://testme.com", "WebService"));
      }
      catch ( MalformedURLException e )
      {
         e.printStackTrace();
      }

      WebServiceSoap client = webService.getWebServiceSoap(new WebServiceFeature[] {cpf});    

      List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();    
      String username = "user";
      String password = "pass";
      CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(), password.getBytes());     
      credProviders.add(cp);

      Map<String, Object> rc = ((BindingProvider) client).getRequestContext();  
      rc.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);

...

- Metro, , UsernameToken. , . .

+3

Source: https://habr.com/ru/post/1728248/

More articles:


All Articles