|
When registering a service context with the Context Registry service, a security token is returned that you can use to refer to the service context that is stored on the server. You can then use the security token in subsequent requests to the service, so the consumer does not have to re‑send service context information over the wire. To utilize this feature, you must inject the security token into the SOAP header before calling the service. To do this, create a WS‑Security compliant header that contains the security token. Once the header is created, you can add it to the SOAP header. The following code sample shows a method that creates the security header given the security token that was returned by the Context Registry Service:
Example 63.
Creating the security header in Axis2
private OMElement getSecurityHeader(String token)
{
OMFactory omFactory = OMAbstractFactory.getOMFactory();
OMNamespace wsse = omFactory.createOMNamespace(
"http://docs.oasisopen.
org/wss/2004/01/oasis200401wsswssecuritysecext1.0.
xsd",
"wsse");
OMElement securityElement = omFactory.createOMElement("Security", wsse);
OMElement tokenElement = omFactory.createOMElement("BinarySecurityToken",
wsse);
OMNamespace wsu = tokenElement.declareNamespace(
"http://docs.oasisopen.
org/wss/2004/01/oasis200401wsswssecurityutility1.0.
xsd",
"wsu");
tokenElement.addAttribute("QualificationValueType",
"http://schemas.emc.com/documentum#ResourceAccessToken", wsse);
tokenElement.addAttribute("Id", "RAD", wsu);
tokenElement.setText(token);
securityElement.addChild(tokenElement);
return securityElement;
}
Example 64.
Creating the security header in JAXWS
public Element addTokenToHeader(String token){
Element wsseSecurity = null;
Element wsseToken = null;
try
{
Document document =
DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
wsseSecurity = document.createElementNS(WSSE_NAMESPACE, "wsse:Security");
wsseToken = (Element) wsseSecurity.appendChild(
document.createElementNS(
WSSE_NAMESPACE, "wsse:BinarySecurityToken"));
wsseToken.setAttribute("QualificationValueType", EMC_RAD);
wsseToken.setAttributeNS(WSU_NAMESPACE, "wsu:Id", "RAD");
wsseToken.setTextContent(token);
}
catch (ParserConfigurationException e)
{
e.printStackTrace();
}
EMC Documentum Foundation Services Version 6.5 Development Guide 71
Consuming DFS without the DFS Productivity Layer
return wsseSecurity;
}
The following snippet of XML is what the security header should look like. The value for the
BinarySecurityToken element is the token that was returned by the Context Registry Service.
<wsse:Security xmlns:wsse=
"http://docs.oasisopen.
org/wss/2004/01/oasis200401wsswssecuritysecext1.0.
xsd">
<wsse:BinarySecurityToken
QualificationValueType="http://schemas.emc.com/documentum#ResourceAccessToken"
xmlns:wsu=
"http://docs.oasisopen.
org/wss/2004/01/oasis200401wsswssecurityutility1.0.
xsd"
wsu:Id="RAD">
hostname/123.4.56.789123456789123456789012345678901
</wsse:BinarySecurityToken>
</wsse:Security>
|
|
