One of the joys of using the bemokoLive development framework is the ease with which you can integrate with external content services. I’ve recently been working on a site which needs consume a .NET generated webservice.
For this integration, I decided to use GroovyWS which provides a very nice interface to the world of Apache CXF. Setting up the webservice is simplicity itself:
proxy = new WSClient(WSDL URL, this.class.classLoader) proxy.initialize()
This was all going well until I tried to use the login webservice call. The login provides a token which is needed to authenticate all further calls to the webservice. The XML returned from the webservice is:
HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <AuthHeader xmlns="https://app.restaurantdiary.com/webservices/ReservationService/"> <Token>string</Token> </AuthHeader> </soap:Header> <soap:Body> <LoginResponse xmlns="https://app.restaurantdiary.com/webservices/ReservationService/" /> </soap:Body> </soap:Envelope>
Notice that the token is returned in the SOAP header, not the SOAP body. It seems that CXF is geared up for reading the body of the message only, getting to the headers is not simple. So my problem was being able to get the token and add it to further calls.
I tried many searches of the internet, but it seems that either no one has ever had to do this or they have and didn’t write about it. Hopefully the following example will help if you ever need to do this. The following example is in Groovy.
Before I get to the actual example, let me take a quick diversion, but useful, diversion on logging.
I spent hours trying to see the SOAP request and response that was being sent and received, using network sniffers and the like. Communicating over SSL also meant I was doomed to failure. Then I discovered interceptors, notably the LoggingInInterceptor and the LoggingOutInterceptor. This simple piece of code allowed me to log the incoming and outgoing requests
proxy.client.getInInterceptors().add(new org.apache.cxf.interceptor.LoggingInInterceptor())
proxy.client.getOutInterceptors().add(new org.apache.cxf.interceptor.LoggingOutInterceptor())
I still didn’t have my AuthHeader though. After a lot of experimenting, I found I could access the headers with this piece of code
def headerList = proxy.client.getResponseContext().get(Header.HEADER_LIST)
This was good. Accessing the auth token was fairly simple after that:
SoapHeader sh = headerList[0]
def doc = sh.getObject()
def list = doc.getElementsByTagName("Token")
token = list.item(0).getFirstChild().getNodeValue()
log.debug("Token = " + token)
Yay, token now safely stored in my variables…. Now to add the token to future headers
List<Header> headers = new ArrayList<Header>();
SOAPFactory sf = SOAPFactory.newInstance()
def authElement = sf.createElement(new
QName(namespace, "AuthHeader"))
def tokenElement = authElement.addChildElement("Token")
tokenElement.addTextNode(token)
SoapHeader tokenHeader = new SoapHeader(new QName(namespace, "AuthHeader"), authElement);
headers.add(tokenHeader);
proxy.client.getRequestContext().put(Header.HEADER_LIST, headers)
This code adds the auth header with the token into the SOAP headers for every future request.
Hopefully if you are trying to use SOAP headers with CXF, this post will save you some time.
Thanks for the post, it helped me get through an issue getting a header into a soap message I needed to send to a .NET web service. One requirement was that I needed to add the saaj-impl.jar to get the SOAPFactory to work.