How to access the WS-Security headers in a JAX-WS based webservice method (Doc ID 1062865.1)

Last updated on FEBRUARY 24, 2017

Applies to:

Oracle WebLogic Server - Version 10.3 to 12.1.3.0.0
Information in this document applies to any platform.

Goal

Consider the following scenario:

1. You have a JAX-WS based webservice protected with Wssp1.2-2007-Wss1.0-UsernameToken-Plain-X509-Basic256.xml security policy.

2. Inside your webservice method you try to access the security headers using the following standard code.

HeaderList headers =
(HeaderList)wsContext.getMessageContext().get(JAXWSProperties.INBOUND_HEADER_
LIST_PROPERTY);
for (int i=0; i < headers.size(); i++) {
System.out.println("*****Header Information****");
Header header = headers.get(i);
System.out.println(header.getStringContent());
}


3. The security headers are missing while all the other header information is available.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms