Add wsse:Security headers to SOAP requests
437 views
Skip to first unread message
Beat Real
Nov 25, 2016, 6:25:07 AM11/25/16
to ipf-user
Hi
trying to add a SAML token as header of SOAP requests to XDS backend.
Followed the templates on http://oehf.github.io/ipf/ipf-platform-camel-ihe-ws/protocolHeaders.html
Code extract:
SOAPElement securityHeader = soapFactory.createElement("Security", "wsse", IHESoapConstants.WSS_SECEXT_URI);
SOAPElement subElement = soapFactory.createElement(samlElement);
securityHeader.addChildElement(subElement);
exchange.getIn().getHeaders().put(AbstractWsEndpoint.OUTGOING_SOAP_HEADERS, securityHeader);
But this apparently does not work (without error): on webservice service side the SOAP requests arrive without the SAML header.
Seems that CXF simply ignores my SAML header. Is the described approach not supported anymore?
I use IPF 3.1 with Camel 2.18.0 with CXF 3.1.7
cheers
Beat
trying to add a SAML token as header of SOAP requests to XDS backend.
Followed the templates on http://oehf.github.io/ipf/ipf-platform-camel-ihe-ws/protocolHeaders.html
Code extract:
SOAPElement securityHeader = soapFactory.createElement("Security", "wsse", IHESoapConstants.WSS_SECEXT_URI);
SOAPElement subElement = soapFactory.createElement(samlElement);
securityHeader.addChildElement(subElement);
exchange.getIn().getHeaders().put(AbstractWsEndpoint.OUTGOING_SOAP_HEADERS, securityHeader);
But this apparently does not work (without error): on webservice service side the SOAP requests arrive without the SAML header.
Seems that CXF simply ignores my SAML header. Is the described approach not supported anymore?
I use IPF 3.1 with Camel 2.18.0 with CXF 3.1.7
cheers
Beat
Beat Real
Nov 28, 2016, 5:04:53 AM11/28/16
to ipf-user
Debugged through camel and cxf to find the right keys and classes.
This sample code now works for me:
This sample code now works for me:
org.w3c.dom.Element samlElement = ....; // input
javax.xml.namespace.QName samlHeaderName = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse");
org.apache.cxf.headers.Header samlHeader = new Header(samlHeaderName, samlElement);
exchange.getIn().getHeaders().put(AbstractWsEndpoint.OUTGOING_SOAP_HEADERS, Collections.singleton(samlHeader));
Christian Ohr
Dec 1, 2016, 3:25:09 AM12/1/16
to ipf-user
Thanks for figuring out!
The header name can also be obtained from WSS4J constants:
import org.apache.wss4j.common.WSS4JConstants;
private static final QName WS_SECURITY_ELEMENT = new QName(WSS4JConstants.WSSE_NS,WSS4JConstants.WSSE_LN, WSS4JConstants.WSSE_PREFIX);
There should also be the possibility to do this in a CXF Interceptor so that the route is not "polluted" with WSS details... Just a matter of taste, really.
cheers
Christian
Beat Real
Dec 1, 2016, 4:11:47 AM12/1/16
to ipf-user
Hi Christian
I agree it's not the most elegant nor robust approach to directly set the saml header.
Are you aware of some sample code/configuration how to use IPF with CXF interceptors?
thanks
Beat
I agree it's not the most elegant nor robust approach to directly set the saml header.
Are you aware of some sample code/configuration how to use IPF with CXF interceptors?
thanks
Beat
Reply all
Reply to author
Forward
0 new messages