How does WebService SOAP / Rest work with JAX-WS?

2

I spent a whole day studying and finally I was able to authenticate with WebService SOAP using JAX-WS, using client generated by Eclipse.

When you add the password and password to the SOAP message, how do you do this? Does it encode?

Customer Code:

RealizarBuscaSOAPService servico_ = servico.getRealizarBuscaSOAPServicePort();
Stub stub = (Stub) servico_;
stub._setProperty(Stub.USERNAME_PROPERTY, "usuario");
stub._setProperty(Stub.PASSWORD_PROPERTY, "senha");

Service code:

    @Resource
WebServiceContext webServiceContext;

@SuppressWarnings("rawtypes")
private boolean validaClient(){
    MessageContext mc = webServiceContext.getMessageContext();
    Map http_headers = (Map) mc.get(MessageContext.HTTP_REQUEST_HEADERS);
    System.out.println(http_headers);

    String username = null;
    String password = null;

    List t = (List)http_headers.get("Authorization");
    if(t == null || t.size() == 0) {
        throw new RuntimeException("Auth failed");
    }

    String encodedText = ((String) t.get(0)).substring(5);
    System.out.println("ENCODED TEXT:"+encodedText);


    byte[] buf = null;
    try {
        buf = Base64.decode(encodedText.getBytes());
    } catch (Base64DecodingException e) {
        e.printStackTrace();
    }
    String credentials = new String(buf);
    System.out.println("decoded text: "+credentials);

    int p = credentials.indexOf(":");

    if(p > -1){
        username = credentials.substring(0,p);
        password = credentials.substring(p+1);
    } else {
        throw new RuntimeException("Error in decoding");
    }

    return autentica(username, password);
}

Why this Base64 decode? When the password and password are placed in the header, are they encoded using base 64 ?? Does the service and the client exchange any keys?

The only authentication that exists in REST would be at HTTP level and directly in the service URL with some key or user and password directly in the service URL?

    
asked by anonymous 10.05.2014 / 18:43

1 answer

1

About Base64 encoding: This is necessary because it is a way to ensure that user login and password contents do not change during client-server transfers. It consists of 64 characters ( A-Z , a-z , 0-9 , / and + , plus the suffix = )

It is used in the HTTP protocol for authentication, which you are using in:

List t = (List)http_headers.get("Authorization"); 

Since HTTP sets authentication in the following format:

  

username: password

The server receives Base64-encoded authentication in the format above. That's why in your code, you had to decode and break the string in : :

int p = credentials.indexOf(":");

if(p > -1){
    username = credentials.substring(0,p);
    password = credentials.substring(p+1);
} else {
    throw new RuntimeException("Error in decoding");
}
    
10.05.2014 / 19:04