-
1. securing pure java class webservice endpoint
"gag_72" wrote:
I'm using a jax-rpc generated client to call a webservice deployed in jboss 4.0.0. Can I secure this using web.xml security declarations?
More over can I use xmlns:jbws="http://webservice.jboss.com/ws4ee schema for authorizing this access. Where this schema is located, if i want to use it as a custom headed definition in wsdl?
any answer will be appreciated. -
2. Re: is there a way through which I can secure pure java clas
"gag_72" wrote:
I'm using a jax-rpc generated client to call a webservice deployed in jboss 4.0.0. Can I secure this using web.xml security declarations?
More over can I use xmlns:jbws="http://webservice.jboss.com/ws4ee schema for authorizing this access. Where this schema is located, if i want to use it as a custom headed definition in wsdl?
any answer will be appreciated. -
3. Re: is there a way through which I can secure pure java clas
"gag_72" wrote:
Can I secure this using web.xml security declarations?
Yes, this is supported by WS4EE."gag_72" wrote:
More over can I use xmlns:jbws="http://webservice.jboss.com/ws4ee schema for authorizing this access.
Not sure what you mean. This is a propriatary NS URI that is beeing used in jboss specific headers. -
4. Re: is there a way through which I can secure pure java clas
Hi Thomas,
Thanks for the reply. First of all sorry for so many confusing posts, but when I clicked on quote and try and change the heading, some how the whole post is posted again. May be I'm doing something wrong.
Now what I mean is, I want to call my wb service from a standard let's say a Jax-RPC generated client. In order to set right headers of Soap envelop, I want to expose jbws namespace through my wsdl as a custom header. That way I think any client should be able to add right headers. is that possible?? if it is how?
Thanks. -
5. Re: is there a way through which I can secure pure java clas
Not sure if this can be done in a portable way. The WSDL binding would need to include bindings for the two header elements. Whether the client SOAP stack provides API access to those unbound headers is a different issue. It'd be interesting to see which clients support unbound headers in their client stubs.
-
6. Re: is there a way through which I can secure pure java clas
yeah, The unbound header may not by very portable, but what if I provide a schema reference in the types section. Use types to create a header message in message and then use soap:header for input in bindings. To do this I need to explicitly import the schema in wsdl types. Something like
<definitions ................>
<xsd:import
namespace="http://webservice.jboss.com/ws4ee schema"
schemaLocation=".some.xsd" id="jbws"/>
................
.........
.............
.............
<soap:operation . soapAction=.../>
<soap:header message="my-header" use="literal">
here I define a type, create a message and use this message as a soap:header in bindings.
after this I suppose client soap stack should be able to set the header correctly.
Is something like this make sense or its impossible?? -
7. Re: is there a way through which I can secure pure java clas
yeah, The unbound header may not by very portable, but what if I provide a schema reference in the types section. Use types to create a header message in message and then use soap:header for input in bindings. To do this I need to explicitly import the schema in wsdl types. Something like
<wsdl:definitions somenamespace>
<wsdl:types>
<xsd:import
namespace="http://webservice.jboss.com/ws4ee schema"
schemaLocation=".some.xsd" id="jbws"/>
some more types
</wsdl:types>
<wsdl:message name="my-header">
<wsdl:part name="my-header" element="jbws:username ">
</wsdl:message>
.........
<wsdl:porttype>.............
.............
<soap:operation="somename" soapAction="somevalue"/>
<wsdl:input>
<soap:header message="my-header" use="literal">
</wsdl:input>
<wsdl:service>
</wsdl:service>
</wsdl:definitions>
here I define a type, create a message and use this message as a soap:header in bindings.
after this I suppose client soap stack should be able to set the header correctly.
Is something like this make sense or its impossible?? -
8. Re: is there a way through which I can secure pure java clas
I need to first understand how to use forums :) first how do I delete a post if something goes wrong.