Invoking a password-protected outbound service
Invoke a password-protected external web service by configuring and deploying a JAX-RPC handler to set the associated user ID and password.
Providers of external web services can use HTTP basic authentication to secure their services. When you configure an outbound service to invoke an external web service that requires HTTP basic authentication, you configure and deploy a JAX-RPC handler at the outbound port to provide the required user ID and password in the form of an HTTP Basic Authentication header. To configure and deploy this handler...
- Create a new JAX-RPC handler class that sets the properties javax.xml.rpc.security.auth.username and javax.xml.rpc.security.auth.password. For example:
public class BasicAuthHandler extends GenericHandler { public QName[] getHeaders() { return null; } public boolean handleRequest(MessageContext mc) { // Insert basic auth properties mc.setProperty("javax.xml.rpc.security.auth.username", "bob"); mc.setProperty("javax.xml.rpc.security.auth.password", "xy129bge"); return super.handleRequest(mc); } }
- Create a new JAX-RPC handler configuration for the handler.
- Create a new JAX-RPC handler list, then select the handler that sets the HTTP basic authentication properties for this service and add it to the handler list.
- Use the instructions given in Modify an existing outbound service configuration to navigate to the console page Service integration -> Buses -> bus_name -> [Services] Outbound Services -> service_name -> Outbound Ports -> port_name, where service and port indicate the outbound port at which you apply the HTTP basic authentication properties.
- Set the JAX-RPC Handler list property by selecting, from the drop-down list, the handler list that sets the HTTP basic authentication properties for this service.
- Save the changes to the master configuration.
Related information:
Password-protecting inbound services Password-protecting a web service operation Access a password-protected proxy server