Accessing Web service

[madhu_sushmi]

I want to access Secured .NET Web service using JAVA. I want to set
call.setProperty(WsseClientHandler.PASSWORD_OPTION ,
WsseClientHandler.PASSWORD_CLEARTEXT);
But WsseClientHandler.PASSWORD_OPTION is not being recognized by JAVA. How do i make it work ?

Is there any other way by which such web services can be accessed?

[FON]

I read your first post about connection to .NET web service from java.

To be honest if you are using this for learning I think you should better find
one of many java web service tutorials and do that.

This .NET web service with policy and authorization is advanced example.

When you create client code from WSDL file you will see that classes are not
simple to understand. You must have some knowledge of service.

Java Code:

ConduitServiceSoapProxy p = new ConduitServiceSoapProxy(); 
GetDataResponseGetDataResult result =  p.getData("String", "1", ss, 3);

This is how you can call getData() web service operation
but what about arguments in
getData(
String strClassName, String strEntityID, StringHolder strLastPollDateTime, int organizationID)

Do you know anything about their meaning???

Even if you do how will you perform authentication during this call
and what do you know about server policy file???

I don't mean to discourage you at all, but if you don't know answers to those question
and you don't have server side documentation or help
you better forget about it, it's mission impossible.

There are many easier way to start learning this ;)

[madhu_sushmi]

Hi
I agree with you that it is bit complex. Even I will choose a simple one if i am trying to learn this. But this is my project requirement. So please help me.

[FON]

OK then, let's go back to the start.

Have you downloaded WSDL file...:

https://pilot.xatanet.net/xatanetweb...vice.asmx?WSDL

...and created client code?

What is your IDE? Netbeans, Eclipse...?

Most important: can u answer any of my questions from my previous post?

[madhu_sushmi]

Eclipse
I have downloaded wsdl file and created stubs files too ..

[madhu_sushmi]

I have used WsseClientHandler.PasswordOption to set it as clear text..And Call.SetUserName and Call.SetPassword to set credentials.
Even then it is showing me the same error as "It doesnt match the context it is referring to " .

After setting this WSSecurityContext.CREDENTIAL_PROVIDER_LIST property , It is showing me Null pointer Exception. If you have worked on this , please help me with this .

[FON]

Who is creator of thi XATANET host application?

How come you are not provided with parameter values
to call getData() and ModifyData() ???

<eActionType>Add or Update or Delete</eActionType>
<strClassName>string</strClassName>
<strEntityID>string</strEntityID>
<objXmlDocument>xml</objXmlDocument>

and

<strClassName>string</strClassName>
<strEntityID>string</strEntityID>
<strLastPollDateTime>string</strLastPollDateTime>
<OrganizationID>int</OrganizationID>

You dont need web service to test this if they give it to you.

You can create simple HTTP POST client application and
post xml with proper values ...BUT... !

...there is https server with server certificate and some policy file?

Ask them to help you.

Forget coding if you don't have this security info.

[madhu_sushmi]

It uses wse authentication. I have all necessary details to call the web service .But still not able to figure how to make it work properly.

[madhu_sushmi]

Please help me with the ways u can. I have tried using Rampart. I am not able to figure out how to work with it.
I am helpless now. Please help me

[FON]

Now, let's say that initially you can use Axis as engine to create
web service client from that WSDL.

WSDL does not yet have the ability to describe WS-Security.

So you will end up with several classes.

In stub class you will have something basic like:

Java Code:

 public net.xatanet.www.xatanetwebservice.conduitservice.GetDataResponseGetDataResult getData(java.lang.String strClassName, java.lang.String strEntityID, javax.xml.rpc.holders.StringHolder strLastPollDateTime, int organizationID) throws java.rmi.RemoteException {
        if (super.cachedEndpoint == null) {
            throw new org.apache.axis.NoEndPointException();
        }
        org.apache.axis.client.Call _call = createCall();

        
        _call.setOperation(_operations[0]);
        _call.setUseSOAPAction(true);
        _call.setSOAPActionURI("http://www.xatanet.net/xatanetwebservice/conduitservice/GetData");
        _call.setEncodingStyle(null);
        _call.setProperty(org.apache.axis.client.Call.SEND_TYPE_ATTR, Boolean.FALSE);
        _call.setProperty(org.apache.axis.AxisEngine.PROP_DOMULTIREFS, Boolean.FALSE);
        _call.setSOAPVersion(org.apache.axis.soap.SOAPConstants.SOAP11_CONSTANTS);
        _call.setOperationName(new javax.xml.namespace.QName("http://www.xatanet.net/xatanetwebservice/conduitservice", "GetData"));

        setRequestHeaders(_call);
        setAttachments(_call);
 try {        java.lang.Object _resp = _call.invoke(new java.lang.Object[] {strClassName, strEntityID, strLastPollDateTime.value, new java.lang.Integer(organizationID)});

Now is main question - what you have to add to "call" to make it work.

Are you using Axis?

This maybe can help:

axis-wsse # WS-Security implementation for Axis

Maybe with that API you can add needed properties to "call" and try invoking server.

Use debugger and see how "call" is set and do you need security header in it.
If you need security header there are ways to add it manually.

Be sure you understand mechanism behind this security extension
and specilay pay attention on SOAP messages that come out at the end
and their format.

[FON]

Do you have documentation that describes
security SOAP messages like:

...

Java Code:

<S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope"
            xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
    <S:Header>
            ...
        <wsse:Security>
            <wsse:UsernameToken>
                <wsse:Username>Zoe</wsse:Username>
                <wsse:Password>ILoveDogs</wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
            ...
    </S:Header>
    ...
</S:Envelope>

...


Is UsernameToken in this format:

<UsernameToken Id="...">
<Username>...</Username>
<Password Type="...">...</Password>
</UsernameToken>

--

The hardest part about this is using security token along with each request. These info are not sent as parameters to the web server operations.
Instead you're expected to send them within the WS-Security header using a UsernameToken.

You supply your developer's token in the "Username element" password in the 'Password' element.

I guess that the simpliest model is used here for security token - "Unsigned security token" ?? Or maybe not so you must deal with "digest" of password maybe...

You must send this header with each message sent to the service
(both getData() and ModifyData() )so there is no security session.

[FON]

What namespaces are used in envelope:

Like:

<S:Envelope
xmlns:S="http://www.w3.org/2001/12/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

Whay URL's you have there?

[FON]

Did you go through specification:

http://docs.oasis-open.org/wss/2004/...curity-1.0.pdf

and

http://docs.oasis-open.org/wss/2004/...rofile-1.0.pdf

After you read it take your SOAP messages and clear up the whole concept.
After that go to API's and impl.

[FON]

At the end of day looks like the only way out is Axis2 and Rampart.

Here is tutor for you:
Java Web services: Axis2 WS-Security basics

[madhu_sushmi]

Hi
Thanks a lot for your help :)
But still i am not able to get it done.
I have written code for using Rampart. I have gone through it to know how does it work.
I am developing my code in Eclipse.
I dont know where should i put my .mar files to make it work.
It always says the error that " trying to engage a module which is not available"
Please guide me

[madhu_sushmi]

When i am writing code in this eclipse , i am not running it with any configured server. I am just running it with inbuilt one.
When i use Rampart implementation , I am getting this error.

I tried CXF too. But i am not able to use CXF WSDL2JAVA tool .. It is showing me error.. It is not creating stubs. so please tell how i should proceed. Monday is my deadline. Please help me to finish it .

[FON]

I am helping you but you are not helping me at the moment.

I asked several questions in previous posts in order to clear things up
and understand what is in those SOAP messages, without that info
I have no place to start.

Unfortunately i have no experience with Rampart.

[madhu_sushmi]

SOAP Header contains :
<UsernameToken Id="...">
<Username>...</Username>
<Password Type="...">...</Password>
</UsernameToken>

I am not able to manually add this type of header :(
How to achieve this. I have tried ordinary methods of creating new header..I dont know how to interrupt the outgoing message and add this header.

Not successful with using Rampart and CXF..

[madhu_sushmi]

I have values for all the parameters. I have username password too.
Only thing i want to know is how to proceed with development.

I have tried like this


Service service=new Service();
Call call = (Call) service.createCall();

call.setTargetEndpointAddress(new URL("https://pilot.xatanet.net/xatanetwebservice/conduitservice.asmx"));

call.setOperationName(new QName("GetData"));

call.setUsername(username);
call.setPassword(passwd);
call.setUseSOAPAction(true);

System.out.println(call.invoke(new Object[]{param1,param2,param3,param4}));

It is showing me error like "WSE402: The message does not conform to the policy it was mapped to"

And the other method what i tried is :



Service service = Service.create(url, serviceName);

Dispatch dispatch = service.createDispatch(portName,SOAPMessage.class, Service.Mode.MESSAGE);



dispatch.getRequestContext().put(Dispatch.USERNAME _PROPERTY,
username);
dispatch.getRequestContext().put(Dispatch.PASSWORD _PROPERTY,
password);
MessageFactory mf = MessageFactory.newInstance();
SOAPMessage req = mf.createMessage();
System.out.println(req.getSOAPHeader());

SOAPMessage res = (SOAPMessage) dispatch.invoke(req);

Not successful with this method too.

[madhu_sushmi]

So i tried creating header manually
Service service = Service.create(serviceName);

service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, endpointAddress);

Dispatch<SOAPMessage> dispatch =
service.createDispatch(portName, SOAPMessage.class, Service.Mode.MESSAGE);

BindingProvider bp = (BindingProvider) dispatch;


Map<String, Object> rc = bp.getRequestContext();
rc.put(BindingProvider.SOAPACTION_USE_PROPERTY, Boolean.TRUE);
rc.put(BindingProvider.SOAPACTION_URI_PROPERTY, "hello");
rc.put(BindingProvider.USERNAME_PROPERTY,username) ;
rc.put(BindingProvider.PASSWORD_PROPERTY,password) ;


MessageFactory factory =
((SOAPBinding) bp.getBinding()).getMessageFactory();
System.out.println(factory.createMessage().getSOAP Header());


SOAPFactory spf=SOAPFactory.newInstance();

SOAPElement sHelem1 = spf.createElement("authHeader1","wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
SOAPElement sCHelem11 = spf.createElement("id","wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");

sCHelem11.addTextNode(username);
SOAPElement sCHelem12 = spf.createElement("password","wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
sCHelem12.addTextNode(password);

sHelem1.addChildElement(sCHelem11);
sHelem1.addChildElement(sCHelem12);

System.out.println(sCHelem11);

SOAPMessage request = factory.createMessage();

request.getSOAPHeader().addChildElement(sHelem1);

SOAPBody body = request.getSOAPBody();

QName payloadName =
new QName("http://www.xatanet.net/xatanetwebservice/conduitservice", "GetData", "s");

SOAPBodyElement payload = body.addBodyElement(payloadName);

SOAPElement message = payload.addChildElement("strClassName");

message.addTextNode(param1);

SOAPElement message1 = payload.addChildElement("strEntityId");

message.addTextNode(param2);

SOAPElement message2 = payload.addChildElement("strLastPollDateTime");

message.addTextNode(param3);

SOAPElement message3 = payload.addChildElement("OrganizationID");

message3.addTextNode(param4);

SOAPMessage reply = null;

try {
reply = dispatch.invoke(request);
} catch (WebServiceException wse){
wse.printStackTrace();
}

body = reply.getSOAPBody();

QName responseName =
new QName("http://www.xatanet.net/xatanetwebservice/conduitservice", "GetDataSoapOut");

SOAPBodyElement bodyElement = (SOAPBodyElement)body.getChildElements(responseNam e).next();
String message4 = bodyElement.getValue();



But when i use this method , header is being passed as null. So it is showing me the same error "WSE402: The message does not conform to the policy it was mapped to"