On the server side, modify the deployment descriptor file to deploy the WSDoALLReceiver handler. For example:
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <service name="stock-wss-01" provider="java:RPC" style="document" use="literal"> <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="passwordCallbackClass" value="PWCallback"/> <parameter name="action" value="UsernameToken"/> </handler> </requestFlow> <parameter name="className" value="samples.stock.StockQuoteService"/> <parameter name="allowedMethods" value="getQuote"/> <parameter name="scope" value="application"/> </service> </deployment>
On the client side, create the deployment descriptor file (client_deploy.wsdd) for deploying the WSDoALLSender handler for the SOAP request. For example:
<!-- define the service, use the WSDoAllSender security handler in request flow --> <service name="Ping1"> <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllSender"> <parameter name="action" value="UsernameToken"/> <parameter name="user" value="werner"/> <parameter name="passwordType" value="PasswordText" /> <parameter name="passwordCallbackClass" value="org.apache.ws.axis.oasis.PWCallback1"/> </handler> </requestFlow> </service>
Axis parses the deployment descriptor and provides the parameters and their value to the handler. Each service can have its own request and response flow definition, which provides a flexible setup of the security parameters.
Parameter |
Description |
---|---|
action |
Defines the security action. The valid value is |
user |
Specifies the user name to include in the token. |
passwordType |
Defines the encoding type of password for the UsernameToken. The valid values are:
|
passwordCallbackClass |
Contains the name of a class that implements a method to get the user’s password. |
For more information, see: