5 Replies Latest reply on Feb 7, 2014 7:00 PM by Chris Cab

    How can I change mustUnderstand attribute of wsse:security e

    Mario Van Vlasselaer Newbie

      Hi,

      I'm writing a client for a webservice that requires message signing. I've configured it in the jboss-wsse-client.xml. Hence the generated soap envelope header contains something like:

      <wsse:Security env:mustUnderstand='1' ...></wsse:Security>
      


      Question: how can I set mustUnderstand to 0 (as is required by the webservice I'm calling) or put differently: how can I change the security element generated by JBoss?

      I thought I could modify it in a soap handler (configured in the application-client.xml), but the soapHeader doesn't seem to have the wsse:Security childElements at that time. My soap handler extends
      javax.xml.rpc.handler.GenericHandler
      .

      Thanks,
      Mario

        • 1. Re: How can I change mustUnderstand attribute of wsse:securi
          Mario Van Vlasselaer Newbie

          Another question whose answer might solve my previously stated problem:
          How can I create a handler that gets invoked after the WSSecurityHandlerOutbound? Where would I define that handler?

          Thanks,
          Mario

          • 2. Re: How can I change mustUnderstand attribute of wsse:securi
            Alessio Soldano Master

            The WS-Security handler you're talking about is configured as a post-handler. To have your handler invoked after it you need to add your handler to the jbossws configuration you're using.
            http://jbws.dyndns.org/mediawiki/index.php?title=JAX-RPC_Client_Configuration
            http://jbws.dyndns.org/mediawiki/index.php?title=JAX-RPC_Endpoint_Configuration

            • 3. Re: How can I change mustUnderstand attribute of wsse:securi
              Mario Van Vlasselaer Newbie

              Thanks for the info! I tried your suggestion but run into another problem:

              After I added in my own post handler, the outgoing soap message did not contain the wsse:Security element anymore! I basically got an empty header

              <env:Header/>
              
              my debug log shows:
              
              INFO [STDOUT] org.jboss.ws.soap.SOAPHeaderImpl@1093b10[[env:Header: null]]
              INFO [STDOUT] org.jboss.ws.soap.SOAPBodyImpl@104a340[[env:Body: null]]
              INFO [STDOUT] org.jboss.ws.soap.SOAPHeaderElementImpl@c22b28[[wsse:Security: null]]
              
              
              .

              In my post handler I did not do anything except print out the header child elements as shown below, so I don't understand how the security element got removed. Here's my code and configuration (I'm using jboss4.0.4.GA and jbossws1.0.3.GA):

              I added my post-handler to the standard-jbossws-client-config.xml as followed:

              <?xml version="1.0" encoding="UTF-8"?>
              
              <!-- $Id: standard-jbossws-client-config.xml 283 2006-05-05 23:08:11Z jason.greene@jboss.com $ -->
              
              <jbossws-config xmlns="urn:jboss:jbossws-config:5.0"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
               xsi:schemaLocation="urn:jboss:jbossws-config:5.0 http://www.jboss.com/xml/jbossws-config_1_0.xsd">
               ...
               <client-config>
               <config-name>Standard Secure Client</config-name>
               <post-handler-chain>
               <handler-chain-name>PostHandlerChain</handler-chain-name>
               <handler> <j2ee:handler-name>WSSecurityHandlerOutbound</j2ee:handler-name>
               <j2ee:handler-class>org.jboss.ws.wsse.WSSecurityHandlerOutbound</j2ee:handler-class>
              
               </handler>
               <handler>
               <j2ee:handler-name>MyOutboundHandler</j2ee:handler-name>
               <j2ee:handler-class>org.test.soap.handler.MyOutboundHandler</j2ee:handler-class>
               </handler>
               </post-handler-chain>
               </client-config>
               ...
              
              </jbossws-config>


              My handler looks like this:

              public class MyOutboundHandler extends GenericHandler {
              ...
              public MyOutboundHandler () {};
              
              public boolean handleRequest(MessageContext msgContext) {
              SOAPMessage soapMessage = ((SOAPMessageContext)msgContext).getMessage();
               SOAPEnvelope soapEnvelope = soapMessage.getSOAPPart().getEnvelope();
              
               SOAPHeader soapHeader = soapEnvelope.getHeader();
               Iterator it4 = soapHeader.getAllAttributes();
               while (it4.hasNext()) {
               System.out.println(it4.next());
               };
              
               Iterator it = soapHeader.getChildElements();
               while (it.hasNext()) {
               System.out.println(it.next());
               };
              }
              ...
              }
              
              


              Any idea what I'm doing wrong?

              Thanks,
              Mario

              • 4. Re: How can I change mustUnderstand attribute of wsse:securi
                Mario Van Vlasselaer Newbie

                I was able to change the "mustUnderstand" attribute of the wsse:Security element by using the following code:

                public class SpimTestingOutboundSOAPHandler
                 extends WSSecurityHandlerOutbound {
                 ...
                 public boolean handleRequest(MessageContext msgContext) {
                 if (debug) logger.debug("handleRequest() entered.");
                
                 SOAPMessage soapMessage = ((SOAPMessageContext)msgContext).getMessage();
                 Element sel = Util.findElement(soapMessage.getSOAPPart().getDocumentElement(), new QName(org.jboss.ws.wsse.Constants.WSSE_NS, "Security"));
                 sel.setAttributeNS(Constants.NS_SOAP11_ENV, Constants.PREFIX_ENV + ":" + Constants.SOAP11_ATTR_MUST_UNDERSTAND, "0");
                
                 if (debug) logger.debug("handleRequest() exited.");
                 return true;
                 }
                 ...
                }
                


                Problem solved!

                -Mario

                • 5. Re: How can I change mustUnderstand attribute of wsse:security e
                  Chris Cab Newbie

                  I know this is really old, but do you think you could show the imported classes for the class SpimTestingOutboundSOAPHandler?  I'm having trouble finding the correct findElement method.