I spent a whole day studying and finally I was able to authenticate with WebService SOAP using JAX-WS, using client generated by Eclipse.
When you add the password and password to the SOAP message, how do you do this? Does it encode?
Customer Code:
RealizarBuscaSOAPService servico_ = servico.getRealizarBuscaSOAPServicePort();
Stub stub = (Stub) servico_;
stub._setProperty(Stub.USERNAME_PROPERTY, "usuario");
stub._setProperty(Stub.PASSWORD_PROPERTY, "senha");
Service code:
@Resource
WebServiceContext webServiceContext;
@SuppressWarnings("rawtypes")
private boolean validaClient(){
MessageContext mc = webServiceContext.getMessageContext();
Map http_headers = (Map) mc.get(MessageContext.HTTP_REQUEST_HEADERS);
System.out.println(http_headers);
String username = null;
String password = null;
List t = (List)http_headers.get("Authorization");
if(t == null || t.size() == 0) {
throw new RuntimeException("Auth failed");
}
String encodedText = ((String) t.get(0)).substring(5);
System.out.println("ENCODED TEXT:"+encodedText);
byte[] buf = null;
try {
buf = Base64.decode(encodedText.getBytes());
} catch (Base64DecodingException e) {
e.printStackTrace();
}
String credentials = new String(buf);
System.out.println("decoded text: "+credentials);
int p = credentials.indexOf(":");
if(p > -1){
username = credentials.substring(0,p);
password = credentials.substring(p+1);
} else {
throw new RuntimeException("Error in decoding");
}
return autentica(username, password);
}
Why this Base64 decode? When the password and password are placed in the header, are they encoded using base 64 ?? Does the service and the client exchange any keys?
The only authentication that exists in REST would be at HTTP level and directly in the service URL with some key or user and password directly in the service URL?