2

I am trying to make a SOAP service request using Spring WebServiceTemplate however I always get error.

While the same request gives a successful response when I use SOAP UI. The only thing I do differently in SOAP UI is, I select a radio button "Authenticate Pre-emptively"

Below are my COde Snippet for WebServiceTemplate and Client.

@Bean(name = "xxxxxWSTemplate")
public WebServiceTemplate xxxxxWSTemplate() throws Exception {
    final WebServiceTemplate webServiceTemplate = new WebServiceTemplate();
    webServiceTemplate.setDefaultUri(env.getProperty("integration.webservice.url"));
    final Jaxb2Marshaller marshaller = new org.springframework.oxm.jaxb.Jaxb2Marshaller();
    marshaller.setContextPath(ObjectFactory.class.getPackage().getName());
    webServiceTemplate.setMarshaller(marshaller);
    webServiceTemplate.setUnmarshaller(marshaller);

    String userName = env.getProperty("integration.service.xxx.username");
    String password = env.getProperty("integration.service.xxx.password");

    Wss4jSecurityInterceptor wss4jSecurityInterceptor = new Wss4jSecurityInterceptor();
    wss4jSecurityInterceptor.setSecurementUsername(userName);
    wss4jSecurityInterceptor.setSecurementPassword(password);
    wss4jSecurityInterceptor.setSecurementMustUnderstand(true);
    wss4jSecurityInterceptor.setSecurementActions("UsernameToken");
    wss4jSecurityInterceptor.setSecurementPasswordType("PasswordText");
    wss4jSecurityInterceptor.afterPropertiesSet();

    webServiceTemplate.setInterceptors(new ClientInterceptor[] {wss4jSecurityInterceptor});

    return webServiceTemplate;
}

I always get "500-Internal Server Error" from my Code, However same request runs from SOAP-UI.

Mayank Porwal
  • 276
  • 1
  • 3
  • 13
  • Post the stracktrce. Also you aren't calling `afterPropertiesSet` on the `Jaxb2Marshaller`. I would suggest to make the `Jaxb2Marshaller` and interceptor also spring managed beans, that way you don't need to concern yourself with the lifecycle callbacks. – M. Deinum Apr 08 '16 at 09:28

1 Answers1

0

Actually "Authenticate Pre-emptively" is a part of the HTTP client and it fully isn't related to SOAP.

I assume your problem is somewhere around just "Basic Authorization".

I'd suggest to take a look into the HttpComponentsMessageSender:

* {@code WebServiceMessageSender} implementation that uses <a href="http://hc.apache.org/httpcomponents-client">Apache
 * HttpClient</a> to execute POST requests.
 *
 * <p>Allows to use a pre-configured HttpClient instance, potentially with authentication, HTTP connection pooling, etc.
 * Authentication can also be set by injecting a {@link Credentials} instance (such as the {@link
 * UsernamePasswordCredentials}).

Also study the HTTP Authentication from the Apache Commons HTTP Client, e.g. about your "pre-emptive":

HttpClient does not support preemptive authentication out of the box, because if misused or used incorrectly the preemptive authentication can lead to significant security issues, such as sending user credentials in clear text to an unauthorized third party. Therefore, users are expected to evaluate potential benefits of preemptive authentication versus security risks in the context of their specific application environment.

Nothing to do from the Spring Integration perspective, BTW...

Artem Bilan
  • 113,505
  • 11
  • 91
  • 118
  • I tried using HttpComponentsMessageSender as you suggested still get "Internal Server Error". Is there a way to set custom "Authorization" HTTP Header through Java+Spring. – Mayank Porwal Apr 13 '16 at 08:22
  • Any http header is a responsibility of http client, not Spring. Please, study more about Commons http Client. And that would be great to know what is behind that server error on the server side. – Artem Bilan Apr 13 '16 at 12:17