views:

382

answers:

1

I created a web services client prototype using api's available in weblogic 10.3. I've been told I need to use Metro 2.0 instead (it's already being used for other projects). The problem I have encounter is that the WSDL does not include any Security Policy information but a UsernameToken is required for each method call. In weblogic I was able to write my own policy xml file and instantiate my service with it (see below), however I can not seem to figure out how to do the same using Metro.

Policy.xml

 <?xml version="1.0"?>  
     <wsp:Policy  
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"  
       xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"&gt;  
       <sp:SupportingTokens>  
         <wsp:Policy>  
           <sp:UsernameToken  
             sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient"&gt;  
             <wsp:Policy>  
               <sp:WssUsernameToken10/>
               <sp:HashPassword/>
             </wsp:Policy>  
           </sp:UsernameToken>  
         </wsp:Policy>  
       </sp:SupportingTokens>  
     </wsp:Policy>

Client.java (Weblogic)

      ClientPolicyFeature cpf = new ClientPolicyFeature();
      InputStream asStream =  WebServiceSoapClient.class.getResourceAsStream("Policy.xml");  
      cpf.setEffectivePolicy(new InputStreamPolicySource(asStream)); 

      try
      {
         webService = new WebService(new URL("http://192.168.1.10/WebService/WebService.asmx?wsdl"), new QName("http://testme.com", "WebService"));
      }
      catch ( MalformedURLException e )
      {
         e.printStackTrace();
      }

      WebServiceSoap client = webService.getWebServiceSoap(new WebServiceFeature[] {cpf});    

      List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();    
      String username = "user";
      String password = "pass";
      CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(), password.getBytes());     
      credProviders.add(cp);

      Map<String, Object> rc = ((BindingProvider) client).getRequestContext();  
      rc.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);

... 

I am able to generate my Proxy classes using Metro however I can not figure out how to configure it to send the UsernameToken. I have attempted several different examples from the web which have not worked. Any help would be appreciated.

A: 

Maybe check out Implementing the WS-Security UsernameToken Profile for Metro-based web services. This tutorial has been helpful for me in the past.

Pascal Thivent
Thanks. I have used that tutorial and was able to get the policy set up by modifying the WSDL. I was really hoping there would be an approach similar to Weblogic where I could set it up programmatically.
Rodney
I am also hoping for a method where I don't have to modify the WSDL. In my case the WSDL is maintained by a third party and I have no control of what goes in there.
Ron Tuffin