5 Replies Latest reply on Feb 7, 2014 7:00 PM by chriscab

    How can I change mustUnderstand attribute of wsse:security e

    mariovvl Jan 11, 2008 7:36 PM

      Hi,

      I'm writing a client for a webservice that requires message signing. I've configured it in the jboss-wsse-client.xml. Hence the generated soap envelope header contains something like:

      <wsse:Security env:mustUnderstand='1' ...></wsse:Security>


      Question: how can I set mustUnderstand to 0 (as is required by the webservice I'm calling) or put differently: how can I change the security element generated by JBoss?

      I thought I could modify it in a soap handler (configured in the application-client.xml), but the soapHeader doesn't seem to have the wsse:Security childElements at that time. My soap handler extends 
      javax.xml.rpc.handler.GenericHandler
      .

      Thanks,
      Mario

      • 4075 Views
      • Tags:
        • 1. Re: How can I change mustUnderstand attribute of wsse:securi
          mariovvl Jan 11, 2008 8:25 PM (in response to mariovvl)

          Another question whose answer might solve my previously stated problem:
          How can I create a handler that gets invoked after the WSSecurityHandlerOutbound? Where would I define that handler?

          Thanks,
          Mario

            • Actions
          • 2. Re: How can I change mustUnderstand attribute of wsse:securi
            asoldano
            asoldano Jan 12, 2008 6:22 AM (in response to mariovvl)

            The WS-Security handler you're talking about is configured as a post-handler. To have your handler invoked after it you need to add your handler to the jbossws configuration you're using.
            http://jbws.dyndns.org/mediawiki/index.php?title=JAX-RPC_Client_Configuration
            http://jbws.dyndns.org/mediawiki/index.php?title=JAX-RPC_Endpoint_Configuration

              • Actions
            • 3. Re: How can I change mustUnderstand attribute of wsse:securi
              mariovvl Jan 12, 2008 1:38 PM (in response to mariovvl)

              Thanks for the info! I tried your suggestion but run into another problem:

              After I added in my own post handler, the outgoing soap message did not contain the wsse:Security element anymore! I basically got an empty header

              <env:Header/>

my debug log shows:

INFO [STDOUT] org.jboss.ws.soap.SOAPHeaderImpl@1093b10[[env:Header: null]]
INFO [STDOUT] org.jboss.ws.soap.SOAPBodyImpl@104a340[[env:Body: null]]
INFO [STDOUT] org.jboss.ws.soap.SOAPHeaderElementImpl@c22b28[[wsse:Security: null]]
              .

              In my post handler I did not do anything except print out the header child elements as shown below, so I don't understand how the security element got removed. Here's my code and configuration (I'm using jboss4.0.4.GA and jbossws1.0.3.GA):

              I added my post-handler to the standard-jbossws-client-config.xml as followed: 

              <?xml version="1.0" encoding="UTF-8"?>

<!-- $Id: standard-jbossws-client-config.xml 283 2006-05-05 23:08:11Z jason.greene@jboss.com $ -->

<jbossws-config xmlns="urn:jboss:jbossws-config:5.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
 xsi:schemaLocation="urn:jboss:jbossws-config:5.0 http://www.jboss.com/xml/jbossws-config_1_0.xsd">
 ...
 <client-config>
 <config-name>Standard Secure Client</config-name>
 <post-handler-chain>
 <handler-chain-name>PostHandlerChain</handler-chain-name>
 <handler> <j2ee:handler-name>WSSecurityHandlerOutbound</j2ee:handler-name>
 <j2ee:handler-class>org.jboss.ws.wsse.WSSecurityHandlerOutbound</j2ee:handler-class>

 </handler>
 <handler>
 <j2ee:handler-name>MyOutboundHandler</j2ee:handler-name>
 <j2ee:handler-class>org.test.soap.handler.MyOutboundHandler</j2ee:handler-class>
 </handler>
 </post-handler-chain>
 </client-config>
 ...

</jbossws-config>


              My handler looks like this: 

              public class MyOutboundHandler extends GenericHandler {
...
public MyOutboundHandler () {};

public boolean handleRequest(MessageContext msgContext) {
SOAPMessage soapMessage = ((SOAPMessageContext)msgContext).getMessage();
 SOAPEnvelope soapEnvelope = soapMessage.getSOAPPart().getEnvelope();

 SOAPHeader soapHeader = soapEnvelope.getHeader();
 Iterator it4 = soapHeader.getAllAttributes();
 while (it4.hasNext()) {
 System.out.println(it4.next());
 };

 Iterator it = soapHeader.getChildElements();
 while (it.hasNext()) {
 System.out.println(it.next());
 };
}
...
}


              Any idea what I'm doing wrong?

              Thanks,
              Mario

                • Actions
              • 4. Re: How can I change mustUnderstand attribute of wsse:securi
                mariovvl Jan 12, 2008 10:53 PM (in response to mariovvl)

                I was able to change the "mustUnderstand" attribute of the wsse:Security element by using the following code:

                public class SpimTestingOutboundSOAPHandler
 extends WSSecurityHandlerOutbound {
 ...
 public boolean handleRequest(MessageContext msgContext) {
 if (debug) logger.debug("handleRequest() entered.");

 SOAPMessage soapMessage = ((SOAPMessageContext)msgContext).getMessage();
 Element sel = Util.findElement(soapMessage.getSOAPPart().getDocumentElement(), new QName(org.jboss.ws.wsse.Constants.WSSE_NS, "Security"));
 sel.setAttributeNS(Constants.NS_SOAP11_ENV, Constants.PREFIX_ENV + ":" + Constants.SOAP11_ATTR_MUST_UNDERSTAND, "0");

 if (debug) logger.debug("handleRequest() exited.");
 return true;
 }
 ...
}


                Problem solved!

                -Mario

                  • Actions
                • 5. Re: How can I change mustUnderstand attribute of wsse:security e
                  chriscab
                  chriscab Feb 7, 2014 7:00 PM (in response to mariovvl)

                  I know this is really old, but do you think you could show the imported classes for the class SpimTestingOutboundSOAPHandler?  I'm having trouble finding the correct findElement method. 

                    • Actions