none
ClientCredentials.UserName from Java client RRS feed

  • Question

  • Hi all

    I have a WCF service which will be consumed by a Java client.

    I am planning to use wsHttpBinding and Custom Validation inheriting UserNamePasswordValidator.

    It's straight forward from a .NET client to send the credentials using ClientCredentials.UserName.UserName and ClientCredentials.UserName.Password. But will be possible to send the credentials via a Java client.

    I could ask them to send us the credentials as parameters to the actual service methods but then how can I assign them to my Validate method within the WCF service, as the validation is done out of the box as configured in the wcf config (<userNameAuthentication userNamePasswordValidationMode="Custom")

    Thanks

    Wednesday, November 6, 2013 1:48 PM

Answers

  • Hi,

    Java has several libraries that can invoke WCF. For your quesiton, we can use Web Services Interoperability Technologies (WSIT) do access the WCF Service from java client.

    Here are some information, please try to refer to:

    The following is the custom UserNamePasswordValidator:

    namespace ServerWcfService.CustomValidators 
    {
    public class MyCustomValidator : UserNamePasswordValidator
    {
    public override void Validate(string userName, string password)
    {
    if (string.IsNullOrEmpty(userName))
    throw new ArgumentNullException("userName");
    if (string.IsNullOrEmpty(password))
    throw new ArgumentNullException("password");
    if (userName != "xiaozhuang" || password != "123456")
    throw new SecurityTokenException("Error username or password");
    }
    }
    }

    In the service side config file:
    <system.serviceModel> 
    
            <bindings> 
    
                <wsHttpBinding> 
    
                    <binding name="mySecureBinding"> 
    
                        <security mode="Message"> 
    
                            <message clientCredentialType="UserName"/> 
    
                        </security> 
    
                    </binding> 
    
                </wsHttpBinding> 
    
            </bindings> 
    
            <services> 
    
                <service behaviorConfiguration="ServerWcfService.Services.MySimpleServiceBehavior" name="ServerWcfService.Services.MySimpleService"> 
    
                    <endpoint address="" binding="wsHttpBinding" contract="ServerWcfService.ServiceContracts.IMySimpleService" bindingConfiguration="mySecureBinding"> 
    
                        <identity> 
    
                            <dns value="MyServerCert"/> 
    
                        </identity> 
    
                    </endpoint> 
    
                    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> 
    
                </service> 
    
            </services> 
    
            <behaviors> 
    
                <serviceBehaviors> 
    
                    <behavior name="ServerWcfService.Services.MySimpleServiceBehavior"> 
    
                        <serviceMetadata httpGetEnabled="true"/> 
    
                        <serviceDebug includeExceptionDetailInFaults="false"/> 
    
                        <serviceCredentials> 
    
                            <serviceCertificate findValue="MyServerCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/> 
    
                            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ServerWcfService.CustomValidators.MyCustomValidator,ServerWcfService"/> 
    
                        </serviceCredentials> 
    
                    </behavior> 
    
                </serviceBehaviors> 
    
            </behaviors> 
    
        </system.serviceModel>
    
    
    

    Then here are some code snippets for calling wcf in java client:

    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
             response.setContentType("text/html;charset=UTF-8");
            PrintWriter out = response.getWriter();
            org.tempuri.MySimpleService client;
            org.tempuri.IMySimpleService port;
            try {
                client = new MySimpleService();
                port = client.getWSHttpBindingIMySimpleService();
                ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "xiaozhuang");
                ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "123456");
                String test = port.printMessage("Hello World!");
                //TODO output your page here
                out.println("<html>");
                out.println("<head>");
                out.println("<title>Servlet NewServlet</title>");  
                out.println("</head>");
                out.println("<body>");
                out.println("<h1>Servlet NewServlet at " + request.getContextPath () + "</h1>");
                out.println("<h1> " + test + "</h1>");
                out.println("</body>");
                out.println("</html>");
            } finally { 
                out.close();
            }
        } 
    Best Regards,
    Amy Peng

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Thursday, November 7, 2013 9:18 AM
    Moderator
  • So you can ask the client development team to send User name and password in header of SOAP body , and how it done in java , depends upon what java framework you are using for soap client 

    Actually when you apply 

    ClientCredentials.UserName.UserName and ClientCredentials.UserName.Password updated the SOAP headers like below 

    <wsse:UsernameToken>

         <wsse:Username>username here</wsse:Username

         <wsse:Password Type="http://docs.oasis-...">password here</wsse:Password>

     </wsse:UsernameToken>

    Hope it helps 

    Ashwini

    Wednesday, November 6, 2013 7:33 PM

All replies

  • So you can ask the client development team to send User name and password in header of SOAP body , and how it done in java , depends upon what java framework you are using for soap client 

    Actually when you apply 

    ClientCredentials.UserName.UserName and ClientCredentials.UserName.Password updated the SOAP headers like below 

    <wsse:UsernameToken>

         <wsse:Username>username here</wsse:Username

         <wsse:Password Type="http://docs.oasis-...">password here</wsse:Password>

     </wsse:UsernameToken>

    Hope it helps 

    Ashwini

    Wednesday, November 6, 2013 7:33 PM
  • Hi,

    Java has several libraries that can invoke WCF. For your quesiton, we can use Web Services Interoperability Technologies (WSIT) do access the WCF Service from java client.

    Here are some information, please try to refer to:

    The following is the custom UserNamePasswordValidator:

    namespace ServerWcfService.CustomValidators 
    {
    public class MyCustomValidator : UserNamePasswordValidator
    {
    public override void Validate(string userName, string password)
    {
    if (string.IsNullOrEmpty(userName))
    throw new ArgumentNullException("userName");
    if (string.IsNullOrEmpty(password))
    throw new ArgumentNullException("password");
    if (userName != "xiaozhuang" || password != "123456")
    throw new SecurityTokenException("Error username or password");
    }
    }
    }

    In the service side config file:
    <system.serviceModel> 
    
            <bindings> 
    
                <wsHttpBinding> 
    
                    <binding name="mySecureBinding"> 
    
                        <security mode="Message"> 
    
                            <message clientCredentialType="UserName"/> 
    
                        </security> 
    
                    </binding> 
    
                </wsHttpBinding> 
    
            </bindings> 
    
            <services> 
    
                <service behaviorConfiguration="ServerWcfService.Services.MySimpleServiceBehavior" name="ServerWcfService.Services.MySimpleService"> 
    
                    <endpoint address="" binding="wsHttpBinding" contract="ServerWcfService.ServiceContracts.IMySimpleService" bindingConfiguration="mySecureBinding"> 
    
                        <identity> 
    
                            <dns value="MyServerCert"/> 
    
                        </identity> 
    
                    </endpoint> 
    
                    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> 
    
                </service> 
    
            </services> 
    
            <behaviors> 
    
                <serviceBehaviors> 
    
                    <behavior name="ServerWcfService.Services.MySimpleServiceBehavior"> 
    
                        <serviceMetadata httpGetEnabled="true"/> 
    
                        <serviceDebug includeExceptionDetailInFaults="false"/> 
    
                        <serviceCredentials> 
    
                            <serviceCertificate findValue="MyServerCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/> 
    
                            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ServerWcfService.CustomValidators.MyCustomValidator,ServerWcfService"/> 
    
                        </serviceCredentials> 
    
                    </behavior> 
    
                </serviceBehaviors> 
    
            </behaviors> 
    
        </system.serviceModel>
    
    
    

    Then here are some code snippets for calling wcf in java client:

    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
             response.setContentType("text/html;charset=UTF-8");
            PrintWriter out = response.getWriter();
            org.tempuri.MySimpleService client;
            org.tempuri.IMySimpleService port;
            try {
                client = new MySimpleService();
                port = client.getWSHttpBindingIMySimpleService();
                ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "xiaozhuang");
                ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "123456");
                String test = port.printMessage("Hello World!");
                //TODO output your page here
                out.println("<html>");
                out.println("<head>");
                out.println("<title>Servlet NewServlet</title>");  
                out.println("</head>");
                out.println("<body>");
                out.println("<h1>Servlet NewServlet at " + request.getContextPath () + "</h1>");
                out.println("<h1> " + test + "</h1>");
                out.println("</body>");
                out.println("</html>");
            } finally { 
                out.close();
            }
        } 
    Best Regards,
    Amy Peng

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Thursday, November 7, 2013 9:18 AM
    Moderator