SOAP Web Service Security: Authentication with MessageContext and BindingProvider
April 05, 2014
Software Dependency
The below software is needed to run the program.1. JDK 6
2. Eclipse
Create Web Service Server Using MessageContext
We will first write code for our web service server. We will fetch MessageContext from WebServiceContext and MessageContext will provide headers. The header will contain user defined keys. In our case there is two keys username and password.Find the interface of our web service.
Welcome.java
package com.concretepage.endpoint;
import javax.jws.WebMethod;
import javax.jws.WebService;
@WebService
public interface Welcome {
@WebMethod
public String getWelcomeMsg(String name);
}
Find the implementation of web service.
WelcomeImpl.java
package com.concretepage.endpoint;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.jws.WebService;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
@WebService(endpointInterface = "com.concretepage.endpoint.Welcome")
public class WelcomeImpl implements Welcome {
@Resource
WebServiceContext ctx;
@SuppressWarnings("unchecked")
@Override
public String getWelcomeMsg(String name){
MessageContext msgctx = ctx.getMessageContext();
Map headers = (Map) msgctx.get(MessageContext.HTTP_REQUEST_HEADERS);
List<String> users = (List<String>) headers.get("username");
List<String> pwds = (List<String>) headers.get("password");
if(users!=null && pwds != null){
if("concretepage".equals(users.get(0))&& "cp1234".equals(pwds.get(0))){
return "Welcome "+name;
}else{
return "Authentication failed.";
}
}
return "Username and password not provided.";
}
}
WelcomeMsgPublisher.java
package com.concretepage;
import javax.xml.ws.Endpoint;
import com.concretepage.endpoint.WelcomeImpl;
public class WelcomeMsgPublisher {
public static void main(String[] args) {
Endpoint.publish("http://localhost:8080/JAXWS/Welcome", new WelcomeImpl());
}
}
Create Web Service Client Using BindingProvider
Now we will write code for our client. Before writing code we need to create stubs with the help of our web service URL. Go to the command prompt and reach to root directory of client project and run the command as below.wsimport -s src/main/java http://localhost:8080/JAXWS/Welcome?wsdl
Now we have stubs. Use these stubs to write client code. The important thing here is BindingProvider. It will provide request context. We will set username and password in the header with help of it.Find the client class.
WelcomeMsgClient.java
package com.concretepage.client;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.handler.MessageContext;
import com.concretepage.endpoint.Welcome;
import com.concretepage.endpoint.WelcomeImplService;
public class WelcomeMsgClient {
public static void main(String[] args) {
WelcomeImplService welService = new WelcomeImplService();
Welcome welcome = welService.getWelcomeImplPort();
BindingProvider bp = (BindingProvider) welcome;
Map<String, Object> map = bp.getRequestContext();
Map<String, List<String>> headers = new HashMap<String, List<String>>();
headers.put("username", Collections.singletonList("concretepage"));
headers.put("password", Collections.singletonList("cp1234"));
map.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
System.out.println(welcome.getWelcomeMsg("Everyone!"));
}
}
