Hi,

Securing WebService is one of the most basic requirement while developing and testing webservices. There are various ways for securing webservice applications. One of the technique is Securing WebServices using UserNameToken. In this technique of securing webservices the client sets a SOAP header in every request that contains a username and password. The password is sent in the header in plain text. To be secure all HTTP requests and responses should be SSL encrypted.

In this example we will see how we can secure a WebService which is going to be deployed on JBoss AS6 5.1.

Step1). Create a directory somewhere in your file system with some name like “C:/UserNameToken_WebService”. then create two directories with name “src” and “clientSrc” inside “UserNameToken_WebService” directory.

Step2). Write the WebService End point “UsernameEndpoint.java” inside “C:/UserNameToken_WebService/src” directory as following:

package wssecurity;
import javax.jws.WebMethod;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;

@WebService(name = "UsernameEndpoint", targetNamespace = "http://wssecurity")
@SOAPBinding(style = SOAPBinding.Style.RPC)
public interface UsernameEndpoint
  {
    @WebMethod
    @WebResult(partName = "return")
    public String getUsernameToken();

  }

Step3). Write the Service implementation class “UsernameBean.java” program inside “C:/UserNameToken_WebService/src” directory like following:

package wssecurity;
import java.security.Principal;
import javax.annotation.Resource;
import javax.jws.WebMethod;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import javax.xml.ws.WebServiceContext;
import org.jboss.ws.annotation.EndpointConfig;

@WebService(name = "UsernameEndpoint", serviceName = "UsernameService", targetNamespace = "http://wssecurity")
@EndpointConfig(configName = "Standard WSSecurity Endpoint")
@SOAPBinding(style = SOAPBinding.Style.RPC)
NOTE:e If you will not set fork="true"    in the client's run target (as mentioned in line-150 of above script) then the jvmargs wil be ignored
public class UsernameBean
{
   @Resource
   WebServiceContext wsCtx;

   @WebMethod
   @WebResult(partName = "return")
   public String getUsernameToken()
   {
      Principal principal = wsCtx.getUserPrincipal();
      System.out.println("nt[WebService- UsernameBean] getUsernameToken: " + principal);
      return "Hello User: "+principal.toString();
   }
}

Step4). Write the “jboss-wsee-server.xml” if you want to add any additional security feature for your webservice. Put it inside inside “C:/UserNameToken_WebService/src” directory like following (Currently it does not have anything specific to WSSE):

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
</jboss-ws-security>

Step5). Create a “web.xml” file inside “C:/UserNameToken_WebService/src” to describe the WebService servlet declaration like following:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
  <servlet>
    <servlet-name>UsernameService</servlet-name>
    <servlet-class>org.jboss.wsf.stack.jbws.EndpointServlet</servlet-class>
    <init-param>
      <param-name>jboss.ws.endpoint</param-name>
      <param-value>wssecurity.UsernameBean</param-value>
    </init-param>
  </servlet>

  <servlet-mapping>
    <servlet-name>UsernameService</servlet-name>
    <url-pattern>/*</url-pattern>
  </servlet-mapping>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>UsernameService</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>friend</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>JBossWS</realm-name>
  </login-config>
  <security-role>
    <role-name>friend</role-name>
  </security-role>
</web-app>

Step6). Create a “jboss-web.xml” file inside “C:/UserNameToken_WebService/src” to describe the define the security Domain configuration for your webservice authentication/authorization purpose like following:

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
  <security-domain>java:/jaas/JBossWS</security-domain>
</jboss-web>

NOTE: Here we are using the default web service security domain policy, which is configured already inside “$PROFILE/conf/login-config.xml” file as following:

<?xml version="1.0" encoding="UTF-8"?>
  <application-policy name="JBossWS">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
        <module-option name="usersProperties">props/jbossws-users.properties</module-option>
        <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
        <module-option name="unauthenticatedIdentity">anonymous</module-option>
      </login-module>
    </authentication>
  </application-policy>

NOTE: And the username and password’s are mentioned in “$PROFILE/conf/props/jbossws-users.properties” this username/password is COMMENTED in this file …So please uncomment it. You can follow previous directory as following the previously posted articles if you want to create your own roles and users and application-policies:

Step7). Now we will write the Client “SimpleUsernameTestCase.java” inside “C:/UserNameToken_WebService/clientSrc” directory as following:

package client.wssecurity;
import java.io.File;
import java.net.URL;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
import org.jboss.ws.core.StubExt;
import org.jboss.wsf.test.JBossWSTestSetup;

public class SimpleUsernameTestCase
{
   private static UsernameEndpoint port;
    public static void main(String ar[]) throws Exception
    {
         SimpleUsernameTestCase client=new SimpleUsernameTestCase();

         URL wsdlURL = client.getClass().getClassLoader().getResource("META-INF/wsdl/UsernameTokenService.wsdl");  //new File("META-INF/wsdl/UsernameService.wsdl").toURL();
         URL securityURL = client.getClass().getClassLoader().getResource("META-INF/jboss-wsse-client.xml");
         System.out.println("WSDL URL: "+wsdlURL);
         System.out.println("Security URL: "+securityURL);

         System.out.println(" org.jboss.ws.core.StubExt loaded .." + org.jboss.ws.core.StubExt.class.getProtectionDomain().getCodeSource().getLocation());
         QName serviceName = new QName("http://wssecurity", "UsernameService");
         Service service = Service.create(wsdlURL, serviceName);

         port = (UsernameEndpoint)service.getPort(UsernameEndpoint.class);
         System.out.println("nt2 ");

         ((org.jboss.ws.core.StubExt)port).setSecurityConfig(securityURL.toExternalForm());
         ((org.jboss.ws.core.StubExt)port).setConfigName("Standard WSSecurity Client");

         System.out.println("nt3 ");
         Map<String, Object> reqContext = ((BindingProvider)port).getRequestContext();
         reqContext.put(BindingProvider.USERNAME_PROPERTY, "kermit");
         reqContext.put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
         System.out.println("nt4 ");
         String retObj = port.getUsernameToken();
         System.out.println("nt5 Call Successfuly Made.");
    }
}

Step8). Just incase if you want to add some security related informations from Client side as well in that case you can place the following file at client side. So create a file with name “C:/UserNameToken_WebService/clientSrc/META-INF/jboss-wsse-client.xml” like following:

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
  <config>
      <username/>
  </config>
</jboss-ws-security>

Step9). Now write the ant build script “build.xml” file inside “C:/UserNameToken_WebService” as following:

<project name="JBoss_Service" default="post-deploy">
<property name="jboss.home" value="/home/userone/JBoss_All/jboss-AS6/jboss-as" />
<property name="jboss.profile" value="${jboss.home}/server/default_Audit" />
<property name="java.home.dir" value="/home/userone/MyJdks/jdk1.6.0_05" />
<property name="basedir" value="." />
<property name="war.name" value="UsernameTokenService.war" />
<property name="src.dir" value="src" />
<property name="client.src.dir" value="${basedir}/clientSrc" />
<property name="dest.dir" value="build" />
<property name="client.dir" value="${basedir}/clientStuff" />
<property name="client.jar.name" value="usernameTokenClient.jar" />

<path id="jboss.classpath">
   <fileset dir="${jboss.home}/lib/endorsed">
      <include name="*.jar"/>
   </fileset>
   <fileset dir="${jboss.home}/common/lib">
      <include name="*.jar"/>
   </fileset>
   <fileset dir="${jboss.home}/lib">
      <include name="*.jar"/>
   </fileset>
   <fileset dir="${jboss.home}/client">
      <include name="*.jar"/>
      <!-- this Jar contains "org.jboss.ws.annotation.EndpointConfig"  -->
   </fileset>
   <fileset dir="${java.home.dir}/jre/lib">
       <include name="rt.jar" />
   </fileset>
   <fileset dir="${java.home.dir}/lib">
       <include name="tools.jar" />
   </fileset>
</path>

<path id="jboss.client.classpath">
   <fileset dir="${jboss.home}/lib/endorsed">
      <include name="*.jar"/>
   </fileset>

   <fileset dir="${jboss.home}/client">
      <include name="activation.jar"/>
      <include name="getopt.jar"/>
      <include name="wstx.jar"/>
      <include name="jbossall-client.jar"/>
      <include name="log4j.jar"/>
      <include name="mail.jar"/>
      <include name="jbossws-spi.jar"/>
      <include name="jbossws-common.jar"/>
      <include name="jbossws-framework.jar"/>

      <!--# Shared jaxws libs -->
      <include name="jaxws-tools.jar"/>
      <include name="jaxws-rt.jar"/>
      <include name="stax-api.jar"/>
      <include name="jaxb-api.jar"/>
      <include name="jaxb-impl.jar"/>
      <include name="jaxb-xjc.jar"/>
      <include name="streambuffer.jar"/>
      <include name="stax-ex.jar"/>

      <!--# Stack specific dependencies -->
      <include name="javassist.jar"/>
      <include name="jboss-xml-binding.jar"/>
      <include name="jbossws-native-client.jar"/>
      <include name="jbossws-native-core.jar"/>
      <include name="jbossws-native-jaxws.jar"/>
      <include name="jbossws-native-jaxws-ext.jar"/>
      <include name="jbossws-native-jaxrpc.jar"/>
      <include name="jbossws-native-saaj.jar"/>
   </fileset>

</path>

        <taskdef name="apt" classname="com.sun.tools.ws.ant.Apt">
 	  <classpath refid="jboss.classpath"/>
	</taskdef>
        <taskdef name="wsimport" classname="com.sun.tools.ws.ant.WsImport">
          <classpath refid="jboss.classpath"/>
        </taskdef>

        <target name="prepare">
           <delete dir="${dest.dir}" />
           <mkdir dir="${dest.dir}" />
           <mkdir dir="${dest.dir}/${war.name}"/>
           <mkdir dir="${dest.dir}/${war.name}/WEB-INF"/>
           <mkdir dir="${dest.dir}/${war.name}/WEB-INF/classes"/>
           <delete dir="${client.dir}" />
           <mkdir dir="${client.dir}"/>
        </target>

	<target name="build-service" depends="prepare">
	    <apt    fork="true"
	            destdir="${dest.dir}/${war.name}/WEB-INF/classes"
	            sourcedestdir="${dest.dir}/${war.name}/WEB-INF/classes"
	            sourcepath="${src.dir}">
	        <classpath>
	            <path refid="jboss.classpath"/>
	            <pathelement location="${basedir}/src"/>
	        </classpath>
	        <source dir="${basedir}">
	            <include name="src/**/*.java"/>
	        </source>
	    </apt>
	    <!-- copy handlers descriptor file -->
	    <copy todir="${dest.dir}/${war.name}/WEB-INF">
	        <fileset dir="${basedir}/src">
	            <include name="**/*.xml"/>
	        </fileset>
	    </copy>
	</target>

        <target name="deploy" depends="build-service">
             <copy todir="${jboss.profile}/deploy">
                  <fileset dir="./build"/>
             </copy>
        </target>

        <target name="post-deploy" depends="deploy">
            <echo message="*******************  NOTE  *********************" />
            <echo message="WebService deployed Successfully. As the Basic Authentication is Enabled for this webservice"/>
            <echo message="So Access the WSDL in following format from Browser"/>
            <echo message="http://kermit:thefrog@localhost:8080/UsernameTokenService?wsdl" />
            <echo message="Syntax: " />
            <echo message="http://Username:Password@localhost:8080/UsernameTokenService?wsdl" />
            <echo message="and then store it in your file system with following name:" />
            <echo message="${client.src.dir}/META-INF/wsdl/UsernameTokenService.wsdl "/>
            <echo message="And then run the ' ant client' To generate client artifacts" />
            <echo message="************************************************" />
        </target>

        <target name="client" >
            <delete dir="${client.dir}" />
            <mkdir dir="${client.dir}"/>
            <mkdir dir="${client.dir}/META-INF"/>
            <wsimport destdir="${client.dir}"
                      wsdl="${client.src.dir}/META-INF/wsdl/UsernameTokenService.wsdl"
                      package="client.wssecurity"
                      keep="true">
            </wsimport>

            <javac srcdir="${client.src.dir}" destdir="${client.dir}"  includes="SimpleUsernameTestCase.java" classpathref="jboss.client.classpath"/>
            <jar jarfile="${client.dir}/${client.jar.name}" basedir="${client.dir}" compress="true" >
                <metainf dir="${client.src.dir}/META-INF">
                    <filename name="**/*"/>
                </metainf>
            </jar>
        </target>

        <target name="run" >
            <java classname="client.wssecurity.SimpleUsernameTestCase" fork="true"  >
	        <classpath>
	            <pathelement location="${client.dir}/${client.jar.name}"/>
	            <path refid="jboss.client.classpath"/>
	        </classpath>
                <jvmarg line="-Djava.endorsed.dirs=/home/userone/JBoss_All/jboss-AS6/jboss-as/lib/endorsed" />
            </java>
        </target>
</project>

NOTE:

If you will not set fork=”true” in the client’s run target (as mentioned in line-150 of above script) then the jvmargs wil be ignored and the “Dava.endorsed.dirs” will not be honored so you will see the following kind of exception while running your client application. So you must set the “-Djava.endorsed.dirs” to tell the client to use the JBoss’s JAXWS implementation over the JVM’s.

      javax.xml.ws.WebServiceException: java.lang.UnsupportedOperationException: setProperty must be overridden by all subclasses of SOAPMessage
      	at org.jboss.ws.core.jaxws.client.ClientImpl.handleRemoteException(ClientImpl.java:310)
      	at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:243)
      	at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:171)
      	at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:157)
      	at $Proxy7.getUsernameToken(Unknown Source)


Step10).
Now open a command/shell prompt and make sure that ANT and JAVA path is set properly init like following and then run the ant to build and deploy the webservice:

export PATH=/home/userone/MyJdks/jdk1.6.0_21/bin:/home/userone/JBoss_All/jboss-AS6/jboss-as/bin:/home/userone/org.apache.ant_1.6.5/bin:$PATH

[userone@localhost UserNameToken_WebService]$ ant
Buildfile: build.xml

prepare:
   [delete] Deleting directory /home/userone/Downloads/UserNameToken_WebService/build
    [mkdir] Created dir: /home/userone/Downloads/UserNameToken_WebService/build
    [mkdir] Created dir: /home/userone/Downloads/UserNameToken_WebService/build/UsernameTokenService.war
    [mkdir] Created dir: /home/userone/Downloads/UserNameToken_WebService/build/UsernameTokenService.war/WEB-INF
    [mkdir] Created dir: /home/userone/Downloads/UserNameToken_WebService/build/UsernameTokenService.war/WEB-INF/classes
   [delete] Deleting directory /home/userone/Downloads/UserNameToken_WebService/clientStuff
    [mkdir] Created dir: /home/userone/Downloads/UserNameToken_WebService/clientStuff

build-service:
      [apt] warning: Annotation types without processors: [org.jboss.ws.annotation.EndpointConfig, javax.annotation.Resource]
      [apt] 1 warning
     [copy] Copying 2 files to /home/userone/Downloads/UserNameToken_WebService/build/UsernameTokenService.war/WEB-INF

deploy:
     [copy] Copying 4 files to /home/userone/JBoss_All/jboss-AS6/jboss-as/server/default_Audit/deploy

post-deploy:
     [echo] *******************  NOTE  *********************
     [echo] WebService deployed Successfully. As the Basic Authentication is Enabled for this webservice
     [echo] So Access the WSDL in following format from Browser
     [echo] http://kermit:thefrog@localhost:8080/UsernameTokenService?wsdl
     [echo] Syntax:
     [echo] http://Username:Password@localhost:8080/UsernameTokenService?wsdl
     [echo] and then store it in your file system with following name:
     [echo] /home/userone/Downloads/UserNameToken_WebService/clientSrc/META-INF/wsdl/UsernameTokenService.wsdl
     [echo] And then run the ' ant client' To generate client artifacts
     [echo] ************************************************

BUILD SUCCESSFUL
Total time: 3 seconds

Step11). WebService deployed Successfully. As the Basic Authentication is Enabled for this webservice, So Access the WSDL in following format from Web Browser as following :
http://kermit:thefrog@localhost:8080/UsernameTokenService?wsdl

Syntax:
http://Username:Password@localhost:8080/UsernameTokenService?wsdl
And then save it in your file system with following name: “/home/userone/Downloads/UserNameToken_WebService/clientSrc/META-INF/wsdl/UsernameTokenService.wsdl” And then run the ‘ant client’ To generate client artifacts.

[userone@localhost UserNameToken_WebService]$ ant client
Buildfile: build.xml

client:
   [delete] Deleting directory /home/userone/UserNameToken_WebService/clientStuff
    [mkdir] Created dir: /home/userone/UserNameToken_WebService/clientStuff
    [mkdir] Created dir: /home/userone/UserNameToken_WebService/clientStuff/META-INF
 [wsimport] Consider using <depends>/<produces> so that wsimport won't do unnecessary compilation
 [wsimport] parsing WSDL...

 [wsimport] generating code...

 [wsimport] compiling code...

    [javac] Compiling 1 source file to /home/userone/UserNameToken_WebService/clientStuff
      [jar] Building jar: /home/userone/UserNameToken_WebService/clientStuff/usernameTokenClient.jar

BUILD SUCCESSFUL
Total time: 5 seconds
[userone@localhost UserNameToken_WebService]$

Step12). Now you can run the ant script to execute the client program:

[userone@localhost UserNameToken_WebService]$ ant run
Buildfile: build.xml

run:
      WSDL URL: jar:file:/home/userone/UserNameToken_WebService/clientStuff/usernameTokenClient.jar!/META-INF/wsdl/UsernameTokenService.wsdl
      Security URL: jar:file:/home/userone/UserNameToken_WebService/clientStuff/usernameTokenClient.jar!/META-INF/jboss-wsse-client.xml
       org.jboss.ws.core.StubExt loaded ..file:/home/userone/JBoss_All/jboss-AS6/jboss-as/client/jbossws-native-core.jar
      log4j:WARN No appenders could be found for logger (org.jboss.ws.metadata.builder.jaxws.JAXWSWebServiceMetaDataBuilder).
      log4j:WARN Please initialize the log4j system properly.

      	2

      	3

      	4

      	5 Call Successfuly Made.

BUILD SUCCESSFUL
Total time: 3 seconds

Step13). If you want to see how the SOAP messages are being sent and received then please add the following category in your “$PROFILE/conf/jboss-log4j.xml” file so that the SOAP messages will start appearing in the server.log file.

   <!-- Enable JBossWS message tracing -->
   <category name="org.jboss.ws.core.MessageTrace">
     <priority value="TRACE"/>
   </category>

Step14). Once you will enable the above category in jboss-log4j.xml file then in your server log you will be able to see the following kind of SOAP messages with the username tokens:

15:21:38,585 TRACE [org.jboss.ws.core.MessageTrace] (http-127.0.0.1-8080-1) Incoming Request Message
<env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>
 <env:Header>
  <wsse:Security env:mustUnderstand='1' xmlns:ds='http://www.w3.org/2000/09/xmldsig#' xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>
   <wsse:UsernameToken wsu:Id='token-1-1317030698447-695206801'>
    <wsse:Username>kermit</wsse:Username>
    <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'>thefrog</wsse:Password>
   </wsse:UsernameToken>
  </wsse:Security>
 </env:Header>
 <env:Body>
  <ns1:getUsernameToken xmlns:ns1='http://wssecurity'/>
 </env:Body>
</env:Envelope>

15:21:38,590 INFO  [STDOUT] (http-127.0.0.1-8080-1)
	[WebService- UsernameBean] getUsernameToken: kermit
15:21:38,592 TRACE [org.jboss.ws.core.MessageTrace] (http-127.0.0.1-8080-1) Outgoing Response Message
<env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>
 <env:Header/>
 <env:Body>
  <ns1:getUsernameTokenResponse xmlns:ns1='http://wssecurity'>
   <return>Hello User: kermit</return>
  </ns1:getUsernameTokenResponse>
 </env:Body>
</env:Envelope>

Step15). If you even want to see the Http Request response details (like http headers/cookies) in the server STDOUT then in that case you can UNCOMMENT the following section in “$PROFILE/deploy/jbossweb.sar/server.xml” file

            <!--
            <Valve className="org.apache.catalina.valves.RequestDumperValve" />
            -->

Step16). Restart you JBoss AS6 profile and then you will start seeing following kind of Http Request Tracing in your server’s STDOUT while making an application call:

15:37:47,292 INFO  [ServerImpl] JBoss (Microcontainer) [5.1.0 (build: SVNTag=JBPAPP_5_1_0 date=201009150028)] Started in 25s:758ms
15:37:57,179 INFO  [[localhost]] REQUEST URI       =/UsernameTokenService
15:37:57,185 INFO  [[localhost]]           authType=null
15:37:57,187 INFO  [[localhost]]  characterEncoding=UTF-8
15:37:57,187 INFO  [[localhost]]      contentLength=-1
15:37:57,187 INFO  [[localhost]]        contentType=text/xml; charset=UTF-8
15:37:57,188 INFO  [[localhost]]        contextPath=/UsernameTokenService
15:37:57,191 INFO  [[localhost]]             header=authorization=Basic a2VybWl0OnRoZWZyb2c=
15:37:57,191 INFO  [[localhost]]             header=soapaction=""
15:37:57,191 INFO  [[localhost]]             header=content-type=text/xml; charset=UTF-8
15:37:57,191 INFO  [[localhost]]             header=jboss-remoting-version=22
15:37:57,191 INFO  [[localhost]]             header=user-agent=JBossRemoting - 2.5.3.SP1 (Flounder)
15:37:57,191 INFO  [[localhost]]             header=remotingcontenttype=remotingContentTypeNonString
15:37:57,191 INFO  [[localhost]]             header=host=127.0.0.1:8080
15:37:57,191 INFO  [[localhost]]             header=accept=text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
15:37:57,191 INFO  [[localhost]]             header=connection=keep-alive
15:37:57,191 INFO  [[localhost]]             header=transfer-encoding=chunked
15:37:57,191 INFO  [[localhost]]             locale=en_US
15:37:57,191 INFO  [[localhost]]             method=POST
15:37:57,193 INFO  [[localhost]]           pathInfo=/
15:37:57,193 INFO  [[localhost]]           protocol=HTTP/1.1
15:37:57,193 INFO  [[localhost]]        queryString=null
15:37:57,194 INFO  [[localhost]]         remoteAddr=127.0.0.1
15:37:57,194 INFO  [[localhost]]         remoteHost=127.0.0.1
15:37:57,194 INFO  [[localhost]]         remoteUser=null
15:37:57,194 INFO  [[localhost]] requestedSessionId=null
15:37:57,194 INFO  [[localhost]]             scheme=http
15:37:57,194 INFO  [[localhost]]         serverName=127.0.0.1
15:37:57,194 INFO  [[localhost]]         serverPort=8080
15:37:57,194 INFO  [[localhost]]        servletPath=
15:37:57,194 INFO  [[localhost]]           isSecure=false
15:37:57,194 INFO  [[localhost]] ---------------------------------------------------------------
15:37:57,425 INFO  [STDOUT]
	[WebService- UsernameBean] getUsernameToken: kermit
15:37:57,439 INFO  [[localhost]] ---------------------------------------------------------------
15:37:57,440 INFO  [[localhost]]           authType=BASIC
15:37:57,440 INFO  [[localhost]]      contentLength=-1
15:37:57,440 INFO  [[localhost]]        contentType=text/xml;charset=UTF-8
15:37:57,440 INFO  [[localhost]]             header=X-Powered-By=Servlet 2.5; JBoss-5.0/JBossWeb-2.1
15:37:57,440 INFO  [[localhost]]             header=Content-Type=text/xml;charset=UTF-8
15:37:57,440 INFO  [[localhost]]             header=Transfer-Encoding=chunked
15:37:57,440 INFO  [[localhost]]             header=Date=Mon, 26 Sep 2011 10:07:57 GMT
15:37:57,440 INFO  [[localhost]]            message=null
15:37:57,440 INFO  [[localhost]]         remoteUser=kermit
15:37:57,440 INFO  [[localhost]]             status=200
15:37:57,440 INFO  [[localhost]] ===============================================================

.
.
Thanks
Middleware Magic Team

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.