Monday, February 11, 2013

Apache CXF and WS-Security: how to authenticate your client when a password is not required

When dealing with WS-Security, you might need to face a situation when your client needs to authenticate itself with a Username Token, but a password is not required.

At first, you may consider to configure your client map properties as
Map<String, Object> props = new HashMap<String, Object>();
props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN_NO_PASSWORD);
but at runtime you will find out that this is not the way to go.

Instead, it might take some time to figure out that your client properties map should be configured as
props.put(WSHandlerConstants. ACTION, WSHandlerConstants. USERNAME_TOKEN);
props.put(WSHandlerConstants. PASSWORD_TYPE, WSConstants. PW_NONE);

No comments:

Post a Comment