This discussion is archived
3 Replies Latest reply: Jan 8, 2013 12:25 AM by 870199 RSS

jax-ws: dynamic proxy-suppress weblogic's default ws-policy handling

533972 Newbie
Currently Being Moderated
hi all,

i am writing my own jax-ws client (dynamic proxy) to call a web service, secured by usernametoken profile.
the wsdl of the web service do include the ws-policy information.

sample client side code:
---------------------------------------------------------------------------------------------------------------
URL url = new URL("path_to_wsdl_file");
QName serviceQname = new QName("http://model/", "CalculationService");
Service service = Service.create(url, serviceQname);

//add resolver and jax-ws handler to add username token SOAPElement fragment to the SOAP message.
...
...
---------------------------------------------------------------------------------------------------------------

the above code runs fine in J2SE 6.0 environment (without any weblogic-specific library).

but when i run the above code in a servlet (running in weblogic), the above code fails with the following error:
---------------------------------------------------------------------------------------------------------------
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Unable to add security token for identity, token uri =http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken
at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:196)
at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:122)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
at $Proxy23.add(Unknown Source)
at client.ServiceLocator.main(ServiceLocator.java:32)
---------------------------------------------------------------------------------------------------------------

it seems that the weblogic server will try to handle the ws-policy element (according to those in the wsdl), even though
i have already added the username-token security header by my own code.

As i don't add some weblogic-specific code (e.g. weblogic.wsee.security.unt.ClientUNTCredentialProvider), the web service call fails.

is it possible to disable/suppress such behavior (weblogic runtime handle the ws-policy element) per web service call???

(i don't want a server scope solution, as there may be other web service client running on the same weblogic server that rely on such behavior).

i don't want to use weblogic's API (e.g. ClientUNTCredentialProvider) as i want my web service client be portable (username token is easy to be handled by my own code)

thank you.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points