• Home
• com.databasesandlife
• java-common
• 21.0.1
• source code
• SoapClientSecurityHeaderWriter.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.databasesandlife.util.spring.SoapClientSecurityHeaderWriter Maven / Gradle / Ivy

package com.databasesandlife.util.spring;

import com.databasesandlife.util.gwtsafe.CleartextPassword;
import org.springframework.ws.WebServiceMessage;
import org.springframework.ws.client.core.WebServiceMessageCallback;
import org.springframework.ws.soap.saaj.SaajSoapMessage;

import javax.annotation.Nonnull;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;

/**
 * This adds a security header to a SOAP message being sent to a SOAP server by Spring.
 * 
Usage:
 * 
 *     getWebServiceTemplate().marshalSendAndReceive(request, 
 *        new SoapClientSecurityHeaderWriter("user", "pw"));
 * 
 * 

 * The header looks like:
 * 
 *     <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
 *         wsse:mustUnderstand="1">
 *       <wsse:UsernameToken>
 *         <wsse:Username>xx</wsse:Username>
 *         <wsse:Password>yy</wsse:Password>
 *       </wsse:UsernameToken>
 *     </wsse:Security>
 * 
 *
 * @author This source is copyright Adrian Smith and licensed under the LGPL 3.
 * @see Project on GitHub
 */
public class SoapClientSecurityHeaderWriter implements WebServiceMessageCallback {
    
    protected String username;
    protected CleartextPassword password;

    public SoapClientSecurityHeaderWriter(@Nonnull String username, @Nonnull CleartextPassword password) {
        this.username = username;
        this.password = password;
    }
    
    public SoapClientSecurityHeaderWriter(@Nonnull String username, @Nonnull String password) {
        this(username, new CleartextPassword(password));
    }
    
    @Override
    public void doWithMessage(WebServiceMessage message) {
        try {
            var soapMessage = ((SaajSoapMessage) message).getSaajMessage();
            var header = soapMessage.getSOAPHeader();
            var security = header.addHeaderElement(
                new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse"));
            var usernameToken = security.addChildElement("UsernameToken", "wsse");
            var usernameElement = usernameToken.addChildElement("Username", "wsse");
            var passwordElement = usernameToken.addChildElement("Password", "wsse");

            usernameElement.setTextContent(username);
            passwordElement.setTextContent(password.getCleartext());
        }
        catch (SOAPException e) { throw new RuntimeException(e); }
    }
}